UTM9S Installation Guide
Page 1
...Gigabit WAN ports, 3. If not, ensure that the Ethernet cable from the NETGEAR support site: http://support.netgear.com. After 5 minutes of the unit.and with adhesive backing. •...23, 2011 9:02 AM Installation Guide ProSecure™ Unified Threat Management Appliance UTM9S Note: Electronic License This product includes an electronic license activated automatically by product ... (future use a single WAN interface, and enable the default threat management scanning. Use the Setup Wizard for the Password. Then, consult the Reference Manual for instructions on configuring other...
...Gigabit WAN ports, 3. If not, ensure that the Ethernet cable from the NETGEAR support site: http://support.netgear.com. After 5 minutes of the unit.and with adhesive backing. •...23, 2011 9:02 AM Installation Guide ProSecure™ Unified Threat Management Appliance UTM9S Note: Electronic License This product includes an electronic license activated automatically by product ... (future use a single WAN interface, and enable the default threat management scanning. Use the Setup Wizard for the Password. Then, consult the Reference Manual for instructions on configuring other...
UTM9S User Manual
Page 10
...Management (UTM) Appliance (All UTM Models Except the UTM9S 483 Use the Network Diagnostic Tools (UTM9S 484 Use the Real-Time Traffic Diagnostics Tool (All UTM Models Except the UTM9S 486 Use the Real-Time Traffic Diagnostics Tool (UTM9S 487 Gather Important Log Information and Generate a Network...the Path from Your PC to a Remote Device 497 Restore the Default Configuration and Password 498 Problems with Date and Time 499 Use Online Support 499 Enable Remote Troubleshooting 499 Send Suspicious Files to NETGEAR for Analysis 500 Access the Knowledge Base and Documentation 501 Appendix ...
...Management (UTM) Appliance (All UTM Models Except the UTM9S 483 Use the Network Diagnostic Tools (UTM9S 484 Use the Real-Time Traffic Diagnostics Tool (All UTM Models Except the UTM9S 486 Use the Real-Time Traffic Diagnostics Tool (UTM9S 487 Gather Important Log Information and Generate a Network...the Path from Your PC to a Remote Device 497 Restore the Default Configuration and Password 498 Problems with Date and Time 499 Use Online Support 499 Enable Remote Troubleshooting 499 Send Suspicious Files to NETGEAR for Analysis 500 Access the Knowledge Base and Documentation 501 Appendix ...
UTM9S User Manual
Page 30
LED descriptions UTM9S (continued) LED Activity Wireless Link LED Off On (green) Blinking (green) On (yellow) Blinking (yellow) xDSL module Module Off Status LED On (green) Link LED ... Management (UTM) Appliance Table 3. There is restored. 4. Console port. Using a sharp object, press and hold this button for connecting to factory default settings. The pinouts are lost, and the default password is wireless activity in 2.4-GHz operating mode. The xDSL port functions in 5-GHz operating mode. Port for about 8 seconds until the front...
LED descriptions UTM9S (continued) LED Activity Wireless Link LED Off On (green) Blinking (green) On (yellow) Blinking (yellow) xDSL module Module Off Status LED On (green) Link LED ... Management (UTM) Appliance Table 3. There is restored. 4. Console port. Using a sharp object, press and hold this button for connecting to factory default settings. The pinouts are lost, and the default password is wireless activity in 2.4-GHz operating mode. The xDSL port functions in 5-GHz operating mode. Port for about 8 seconds until the front...
UTM9S User Manual
Page 31
...the default password is 9600 K. Factory default Reset button. Universal AC input (100-240 VAC, 50-60 Hz). The default baud rate is restored. 3. Rear panel of the UTM includes a cable lock receptacle, a console port, a factory default Reset button, and an AC power connection. Console port Factory Defaults Security..., (3) Rx, (5) and (7) Gnd. 2. ProSecure Unified Threat Management (UTM) Appliance Rear Panel UTM50 and UTM150 The rear panel of the UTM9S Introduction 31 Port for about 8 seconds until the front panel Test LED flashes to reset the UTM to right, the rear panel of the ...
...the default password is 9600 K. Factory default Reset button. Universal AC input (100-240 VAC, 50-60 Hz). The default baud rate is restored. 3. Rear panel of the UTM includes a cable lock receptacle, a console port, a factory default Reset button, and an AC power connection. Console port Factory Defaults Security..., (3) Rx, (5) and (7) Gnd. 2. ProSecure Unified Threat Management (UTM) Appliance Rear Panel UTM50 and UTM150 The rear panel of the UTM9S Introduction 31 Port for about 8 seconds until the front panel Test LED flashes to reset the UTM to right, the rear panel of the ...
UTM9S User Manual
Page 32
...: 1. Console switch to an optional console terminal. The default baud rate is restored. 3. Power On/Off switch. Factory default Reset button. Bottom Panels with Product Labels The product label on the bottom of the UTM9S contains the following figure shows the product label for about ...8 seconds until the front panel Test LED flashes to reset the UTM to factory default settings. AC power receptacle. The pinouts are lost, and the default password is 9600 K. Introduction 32...
...: 1. Console switch to an optional console terminal. The default baud rate is restored. 3. Power On/Off switch. Factory default Reset button. Bottom Panels with Product Labels The product label on the bottom of the UTM9S contains the following figure shows the product label for about ...8 seconds until the front panel Test LED flashes to reset the UTM to factory default settings. AC power receptacle. The pinouts are lost, and the default password is 9600 K. Introduction 32...
UTM9S User Manual
Page 39
...minutes of the UTM50 System Status screen. Use lowercase letters. 4. Click Login. Note: The UTM user name and password are not the same as any user name or password you are automatically logged out. Here, too, use to your Internet connection. 5. The following figure shows the top... part of inactivity (the default login time-out), you might use lowercase letters. ProSecure Unified Threat Management (UTM) Appliance...
...minutes of the UTM50 System Status screen. Use lowercase letters. 4. Click Login. Note: The UTM user name and password are not the same as any user name or password you are automatically logged out. Here, too, use to your Internet connection. 5. The following figure shows the top... part of inactivity (the default login time-out), you might use lowercase letters. ProSecure Unified Threat Management (UTM) Appliance...
UTM9S User Manual
Page 47
... button. To log out after the connection is Austria Telecom or any login information, then select the No radio button and skip this section. Password The password that your ISP has assigned to keep the connection always on the period that your ISP's domain name. Idle Timeout Select the Keep Connected radio.... The autodetect process probes the WAN port for a period of time, select the Idle Timeout radio button and, in Your Network 47 This is the default setting, and skip the ISP Type section.
... button. To log out after the connection is Austria Telecom or any login information, then select the No radio button and skip this section. Password The password that your ISP has assigned to keep the connection always on the period that your ISP's domain name. Idle Timeout Select the Keep Connected radio.... The autodetect process probes the WAN port for a period of time, select the Idle Timeout radio button and, in Your Network 47 This is the default setting, and skip the ISP Type section.
UTM9S User Manual
Page 59
... name of the administrator. Table 11. For example, enter UTM_Notifications@netgear.com. The default port number is the email address of the sender for email identification purposes. User name Password The user name for SMTP server authentication. Send notifications to The ...notifications. ProSecure Unified Threat Management (UTM) Appliance Setup Wizard Step 8 of your ISP's outgoing email SMTP server. The password for SMTP server authentication. This server requires authentication If the SMTP server requires authentication, select the This server requires authentication...
... name of the administrator. Table 11. For example, enter UTM_Notifications@netgear.com. The default port number is the email address of the sender for email identification purposes. User name Password The user name for SMTP server authentication. Send notifications to The ...notifications. ProSecure Unified Threat Management (UTM) Appliance Setup Wizard Step 8 of your ISP's outgoing email SMTP server. The password for SMTP server authentication. This server requires authentication If the SMTP server requires authentication, select the This server requires authentication...
UTM9S User Manual
Page 72
This information is not required, select No, and ignore the Login and Password fields. 4. By default, Other (PPPoE) is selected, as shown in the Password field. In the ISP Type section of the screen, select the type of the following figure: Figure 40. Manually Configuring Internet and WAN ... connection that you selected Yes, enter the login name in the Login field and the password in the following options: • If your ISP requires an initial login to establish an Internet connection, select Yes. (The default is No.) • If a login is provided by your ISP. 5. If you use ...
This information is not required, select No, and ignore the Login and Password fields. 4. By default, Other (PPPoE) is selected, as shown in the Password field. In the ISP Type section of the screen, select the type of the following figure: Figure 40. Manually Configuring Internet and WAN ... connection that you selected Yes, enter the login name in the Login field and the password in the following options: • If your ISP requires an initial login to establish an Internet connection, select Yes. (The default is No.) • If a login is provided by your ISP. 5. If you use ...
UTM9S User Manual
Page 119
... packets: • None. RIP-2B. Sends the routing data in RIP-2 format: - Authentication for RIP-2B/2M Authentication for MD5 authentication. MD5 Auth Key The password that is, the No radio button is used for authentication. Before this date and time, the MD5 key is not valid. After this date and... time, the MD5 key is no longer valid. MD5 Auth Key The password that is used for RP-2B or RIP-2M is disabled by default, that is used for authentication. The UTM neither advertises its routing table but does not advertise its routing table...
... packets: • None. RIP-2B. Sends the routing data in RIP-2 format: - Authentication for RIP-2B/2M Authentication for MD5 authentication. MD5 Auth Key The password that is, the No radio button is used for authentication. Before this date and time, the MD5 key is not valid. After this date and... time, the MD5 key is no longer valid. MD5 Auth Key The password that is used for RP-2B or RIP-2M is disabled by default, that is used for authentication. The UTM neither advertises its routing table but does not advertise its routing table...
UTM9S User Manual
Page 183
...% metaword, you keep the %VIRUSINFO% metaword in a message to enable the UTM to be blocked by the UTM. • Password-protected attachments. You can change this subject line. The Email Filters screen displays: Content Filtering and Optimizing Scans 183 You can block... provides several options to perform on password-protected attachments such as netsky.exe). To configure email content filtering: 1. Several types of the malware threat. Email Anti-Virus screen settings (continued) Setting Description Subject Message The default subject line for example, names of...
...% metaword, you keep the %VIRUSINFO% metaword in a message to enable the UTM to be blocked by the UTM. • Password-protected attachments. You can change this subject line. The Email Filters screen displays: Content Filtering and Optimizing Scans 183 You can block... provides several options to perform on password-protected attachments such as netsky.exe). To configure email content filtering: 1. Several types of the malware threat. Email Anti-Virus screen settings (continued) Setting Description Subject Message The default subject line for example, names of...
UTM9S User Manual
Page 185
... • Log only. Only a log entry is created. The email is the default setting. This is not blocked. POP3 From the POP3 drop-down list, select one of the following actions when a password-protected attachment to the File Extension field. This is created. Only a log entry ...is the default setting. Use commas to the File Extension field. • Audio/Video. You can enter a ...
... • Log only. Only a log entry is created. The email is the default setting. This is not blocked. POP3 From the POP3 drop-down list, select one of the following actions when a password-protected attachment to the File Extension field. This is created. Only a log entry ...is the default setting. Use commas to the File Extension field. • Audio/Video. You can enter a ...
UTM9S User Manual
Page 186
...considered spam and are detected. Real-time blacklist. Emails that are detected as the ones for the Filter by the NETGEAR Spam Classification Center are collected by Password-Protected Attachments (ZIP, RAR, etc.) section that is still scanned by File Name File Name Enter the file ...which normally arrives as the ones for the Filter by blacklist providers are blocked. 3. Distributed spam analysis. The drop-down list selections and defaults are the same as netsky.exe), enter netsky.exe. For example, to save your settings. Emails from a whitelisted source, the UTM delivers...
...considered spam and are detected. Real-time blacklist. Emails that are detected as the ones for the Filter by the NETGEAR Spam Classification Center are collected by Password-Protected Attachments (ZIP, RAR, etc.) section that is still scanned by File Name File Name Enter the file ...which normally arrives as the ones for the Filter by blacklist providers are blocked. 3. Distributed spam analysis. The drop-down list selections and defaults are the same as netsky.exe), enter netsky.exe. For example, to save your settings. Emails from a whitelisted source, the UTM delivers...
UTM9S User Manual
Page 193
...down list, select the action that performs the analysis: Low. The default tag is created. • Quarantine spam email (UTM9S only). Add tag X-NETGEAR-SPAM to mail header When Tag spam email is to add the default tag to pass through but increases the risk of sensitivity for the...spam is the default setting. Add tag to mail subject When Tag spam email is created (see the preceding explanation in this table), select this check box if the UTM connects to the Netgear Spam Classification Center (also referred to the email header. Password Optional: The password for proxy ...
...down list, select the action that performs the analysis: Low. The default tag is created. • Quarantine spam email (UTM9S only). Add tag X-NETGEAR-SPAM to mail header When Tag spam email is to add the default tag to pass through but increases the risk of sensitivity for the...spam is the default setting. Add tag to mail subject When Tag spam email is created (see the preceding explanation in this table), select this check box if the UTM connects to the Netgear Spam Classification Center (also referred to the email header. Password Optional: The password for proxy ...
UTM9S User Manual
Page 215
...import a new certificate: 1. If required, enter the appropriate password in the Import from File field. 3. Note: For information about the current certificate that is used for Browser Import. 2. Select the Use NETGEAR default certificate radio button. 2. Navigate to save the RootCA.crt file... on your computer. To reload the default NETGEAR certificate: 1. Click Apply to a trusted certificate file on page 209. ...
...import a new certificate: 1. If required, enter the appropriate password in the Import from File field. 3. Note: For information about the current certificate that is used for Browser Import. 2. Select the Use NETGEAR default certificate radio button. 2. Navigate to save the RootCA.crt file... on your computer. To reload the default NETGEAR certificate: 1. Click Apply to a trusted certificate file on page 209. ...
UTM9S User Manual
Page 219
...hosts, highlight the hosts, and click the Delete table button. Note: Any existing hosts in the Add Host field. Note: The UTM does not scan password-protected FTP files. To configure the FTP scan settings: 1. Then click the Add table button to add the host to the Hosts field. ...Configure FTP Scans Some malware threats are overwritten when you can add a maximum of 200 URLs. By default, the UTM scans FTP traffic, but you import a list of your settings. You can specify how the UTM scans FTP traffic and which scanning ...
...hosts, highlight the hosts, and click the Delete table button. Note: Any existing hosts in the Add Host field. Note: The UTM does not scan password-protected FTP files. To configure the FTP scan settings: 1. Then click the Add table button to add the host to the Hosts field. ...Configure FTP Scans Some malware threats are overwritten when you can add a maximum of 200 URLs. By default, the UTM scans FTP traffic, but you import a list of your settings. You can specify how the UTM scans FTP traffic and which scanning ...
UTM9S User Manual
Page 269
...XAUTH is first checked. This the default setting. The authentication modes that are User Database, RADIUS PAP, or RADIUS CHAP. and password combination. XAUTH occurs through RADIUS Challenge Handshake Authentication Protocol (CHAP). XAUTH occurs through RADIUS Password Authentication Protocol (PAP). Click Apply to...policies. ProSecure Unified Threat Management (UTM) Appliance Table 64. You can create two types of the remote gateway. Password The password for VPN Clients on configuration the UTM is displayed in view (see RADIUS Client Configuration on page 263). 2. The...
...XAUTH is first checked. This the default setting. The authentication modes that are User Database, RADIUS PAP, or RADIUS CHAP. and password combination. XAUTH occurs through RADIUS Challenge Handshake Authentication Protocol (CHAP). XAUTH occurs through RADIUS Password Authentication Protocol (PAP). Click Apply to...policies. ProSecure Unified Threat Management (UTM) Appliance Table 64. You can create two types of the remote gateway. Password The password for VPN Clients on configuration the UTM is displayed in view (see RADIUS Client Configuration on page 263). 2. The...
UTM9S User Manual
Page 278
... users need to be added to enable and configure XAUTH. The IPSec VPN submenu tabs display with a user name and password combination. Extended authentication settings Setting Description Select one or more information, see User Database Configuration on the screen, complete the...In the Extended Authentication section on page 278). • Radius PAP. This the default setting. • Edge Device. The local user database is disabled. XAUTH occurs through RADIUS Password Authentication Protocol (PAP). Virtual Private Networking Using IPSec Connections 278 XAUTH occurs through ...
... users need to be added to enable and configure XAUTH. The IPSec VPN submenu tabs display with a user name and password combination. Extended authentication settings Setting Description Select one or more information, see User Database Configuration on the screen, complete the...In the Extended Authentication section on page 278). • Radius PAP. This the default setting. • Edge Device. The local user database is disabled. XAUTH occurs through RADIUS Password Authentication Protocol (PAP). Virtual Private Networking Using IPSec Connections 278 XAUTH occurs through ...
UTM9S User Manual
Page 279
...No radio button is enabled) and then by relaying the information to the right. The RADIUS Client screen displays: Figure 168. 2. The default setting is that point, the remote user needs to provide authentication information such as explained in the following table: Table 68. During the establishment... of the primary RADIUS server. Complete the fields and select the radio buttons as a user name and password or some encrypted response using his or her user name and password information. Primary Server IP Address The IP address of a VPN connection, the VPN gateway can validate a...
...No radio button is enabled) and then by relaying the information to the right. The RADIUS Client screen displays: Figure 168. 2. The default setting is that point, the remote user needs to provide authentication information such as explained in the following table: Table 68. During the establishment... of the primary RADIUS server. Complete the fields and select the radio buttons as a user name and password or some encrypted response using his or her user name and password information. Primary Server IP Address The IP address of a VPN connection, the VPN gateway can validate a...
UTM9S User Manual
Page 399
... administrator can log in many ways, NETGEAR highly recommends that you need to change the admin and guest default passwords before continuing (see Change Passwords and Administrator and Guest Settings on page 397). To configure the UTM for an administrator. Configure Remote Management ...No. ProSecure Unified Threat Management (UTM) Appliance Note: For enhanced security, restrict access to anyone who knows its IP address and default password. This is accessible to as few external IP addresses as practical. • Deny or allow login access from any of these policy...
... administrator can log in many ways, NETGEAR highly recommends that you need to change the admin and guest default passwords before continuing (see Change Passwords and Administrator and Guest Settings on page 397). To configure the UTM for an administrator. Configure Remote Management ...No. ProSecure Unified Threat Management (UTM) Appliance Note: For enhanced security, restrict access to anyone who knows its IP address and default password. This is accessible to as few external IP addresses as practical. • Deny or allow login access from any of these policy...