NETGEAR ProSecure™ STM Series
Enterprise Strength Spam, Virus, & Web Filter Security.
An integrated hardware / software appliance for complete protection of a medium business' Web and email traffic. Modern Web 2.0 & cloud computing threats are mitigated through anti-malware / virus / phishing / spam / spyware technologies. A range of appliances is available for medium businesses with between 30 – 600 users.
Please click here to read important information regarding ProSecure Licensing and Renewals.
ProSecure STM Series Summary:
The ProSecure™ STM series of gateway security appliances uses a patent-pending Stream Scanning architecture to deliver best-of-breed business security. ProSecure™ employs millions of signatures to protect against known threats, and in-the-cloud zero-hour protection technology to proactively discover and block any suspected threats that have not yet been identified. Likewise, the NETGEAR® in-the-cloud Distributed Spam Analysis architecture shields networks from spam, phishing attacks, and other Email-borne threats.
Other solutions significantly dilute the efficacy of their offering by either utilizing open source or cutting essential features and services from their enterprise products to fit an SMB price point. But through its patent-pending Stream Scanning architecture, NETGEAR® provides complete enterprise-grade solutions, including advanced scanning technologies such as its comprehensive anti-malware engine, in-the-cloud Distributed Spam Analysis, and a proactive behavioral defense system that eliminates the gap between a vulnerability being exploited and the time it is fixed.
With ProSecure™ STM, subscriptions are simple with no per-user licensing. ProSecure™ Web and Email subscriptions each contain comprehensive protection for an unlimited number of users.
Key Features & Advantages:
|
|
Certifications:
Model Comparison:
There are three models in the ProSecure™ STM series of gateway security appliances. A single ProSecure™ STM can protect against Web- and Email-borne threats, both inbound and outbound. Each STM can support up to hundreds of users, with a maximum HTTP throughput rate of up to 260 Mbps and up to 960,000 Emails per hour.
| STM Models | STM 150 | STM 300 | STM 600 |
|---|---|---|---|
| Sizing Guidelines | |||
| Customer Type | Small Networks | Medium-sized Networks | Medium-sized Networks |
| Recomended Number of Concurrent Users | 20-150 | Up to 300 | Up to 600 |
| Concurrent Scanned HTTP Connections | 1,000 | 2,000 | 4,000 |
| HTTP Anti-virus Throughput¹ | 42 Mbps | 163 Mbps | 260 Mbps |
| SMTP Throughput¹ (emails/hour) | 139,000 | 420,000 | 960,000 |
| Content Security | |||
| Web (HTTP, HTTPS, FTP) |  |
|
|
| Email (SMTP, POP3, IMAP) | |
|
|
| Stream Scanning | |
|
|
| Inbound and Outbound Inspection | |
|
|
| Signature-Less Zero Hour Protection | |
|
|
| Malware Signatures | 3 Million+ | 3 Million+ | 3 Million+ |
| Automatic Signature Updates | Hourly | Hourly | Hourly |
| True HTTPS Scanning and Filtering | |
|
|
| Web Content Filters | Filter By: File Extension | ||
| Web Object Filters | ActiveX, Java, Flash, Javascript | ||
| Email Content Filters | Filter By: Subject Keywords, Password-Protected Attachments, File Extension, File Name | ||
| Distributed Spam Analysis | |
|
|
| Distributed Spam Analysis Supported Protocols | SMTP, POP3 | ||
| Anti-spam Real-time Blacklist | |
|
|
| User-defined Spam Allowed/Block Lists | Filter by: Sender Email Address, Domain, IP Address Recipient Sender Email Address, Domain | ||
| Distributed Web Analysis w/ 64 categories | |
|
|
| Instant Messaging (IM) Control | MSN Messenger, Yahoo Messenger, mIRC, Google Talk, QQ, ICQ | ||
| Peer to Peer (P2P) Control | BitTorrent, eDonkey, Gnutella | ||
| Media Application Control | iTunes (Music Store, update), Quicktime (Update), Real Player (Guide), Rhapsody (Guide, Music Store), Winamp (Internet Radio/TV) | ||
| Software Tool Control | Alexa Toolbar, GoToMyPC, Weatherbug, Yahoo Toolbar | ||
| Maximum Number of Users | Unlimited | ||
| User Authentication | Active Directory, LDAP, Radius, Local User Database | ||
| Content Filtering Policies | User, Group, IP Address, Subnet | ||
| Deployment | |||
| VLAN Support | |
|
|
| Logging and Reporting | |||
| Management | HTTP/HTTPS, SNMP v2c | ||
| Reporting | Summary Statistics, Graphical Reporting, Automatic Outbreak Alerts, Automatic Malware Notifications, System Notifications | ||
| Logging | Traffic, Malware, Spam, Content Filter, Email Filter, System, Application | ||
| Log Delivery | Management GUI Query, Email Delivery, Syslog | ||
| Hardware | |||
| Total Gigabit RJ45 Ports | 5 | 3 | 5 |
| Gigabit RJ45 Ports with Failure Bypass | 0 | 2 | 4 |
| Dedicated Management VLAN Ports RJ45 | 0 | 1 | 1 |
| Administration Console Port | RS232 | RS232 | RS232 |
| Form Factor | 1U | 1U | 1U |
| Major Regulatory Compliance | FCC Part 15 Class A, CE mark commercial, VCCI Class A, RoHS, UL listed, C-Tick | ||
| Storage and Operating | Operating Temperature 0-40°C (32°-104°F), Storage Temperature -20-70°C (-4°-158°F) |
||
| Operating Humidity | 5% to 95% RH | ||
| Electrical Specifications | 100-240V, AC/50-60Hz, Universal Input, 1.5 Amp Max | ||
| Dimensions: W x H x D (cm) | 44 x 4.35 x 25.8 | 42.6 x 4.44 x 50 | 42.6 x 4.44 x 50 |
| Dimensions: W x H x D (inches) | 17.3 x 1.7 x 10.2 | 16.8 x 1.75 x 19.7 | 16.8 x 1.75 x 19.7 |
| Weight (kg) | 3.68 | 8.2 | 8.2 |
| Weight (lb) | 8.1 | 18.1 | 18.1 |
| Package Contents | ProSecure Appliance (STM150, STM300, or STM600), Ethernet Cable, Power Cable, Rubber Feet, Warranty Card, Quick Installation Guide, End User License Agreement, CE Document, GPL Notice, Subscription Card (Bundles Only) | ||
| Hardware Warranty | 2 years | ||
¹ Testing performed in a lab benchmark environment. Actual performance may vary.
Sizing Guidelines
ProSecure™ STM appliances manage an organization's Internet usage and protects these organizations from Internet borne malware, spam, viruses, and inappropriate web surfing. With the ProSecure™ STM appliance sitting between the organization and the Internet, it is critical that the STM appliance is sized appropriately and matches the performance needs of the organization.
There are no industry-standard metrics for determining the model to select, as every organization is unique and displays different Internet usage characteristics. As such, NETGEAR® uses several specifications to evaluate the applicability of an STM appliance:
Throughput:
A starting point is to estimate the throughput your organization requires between its internal network and the Internet. As the STM appliance sits between your internal network and the Internet, this throughput number is the total amount of traffic that can be passed with the STM in place.
Concurrent Clients:
The number of concurrent clients represents the maximum number of currently active clients that can simultaneously access the Internet through the STM. NETGEAR® STM Appliances' Concurrent Client rating is a number that is measured assuming that each active client is currently engaging in an "average" web browsing session with multiple connections to multiple websites.
In general, your organization's concurrent client count should be less than the total number of users in your organization. For instance, if your organization has 1000 users, perhaps only 800 of those users have Internet access via a computer. Moreover, on the average, perhaps only 75% of those users are in the office at any point in time (75% x 800 = 600 users). Lastly, you may perhaps estimate that only 50% of those users (50% x 600 = 300 users) are actually on the Internet browsing web traffic at a given time.
Concurrently Scanned HTTP Connections:
Users who are actively browsing the Internet can typically be estimated to have 5 active HTTP connections at any point in time with a 60% rate of concurrency (yielding 3 connections). This number accommodates averaged situations where some users are heavily browsing the web or using Internet bandwidth intensive applications. Note that the peak number of connections can exceed these estimates if there is extraordinarily heavy usage of Internet bandwidth or connection intensive applications such as Peer 2 Peer applications are being used.
Email Throughput:
The rate at which users send and receive Emails varies widely in organizations, and is also dependent on the amount of spam an organization is receiving. For instance, if users, on the average, send and receive 30 legitimate emails per hour and 70% of Email traffic is SPAM, then each user will contribute 100 Emails per hour to the overall system load. A 200 user organization could then be expected to experience an Email load of 200,000 messages per hour.
| STM Model Capacity | STM 150 | STM 300 | STM 600 |
|---|---|---|---|
| Firewall Throughput (Mb/s) | 42 | 160 | 260 |
| Concurrent Clients | 145 | 333 | 600 |
| Concurrently Scanned HTTP Connections | 1,000 | 2,000 | 4,000 |
| SMTP Throughput (emails/hour) | 139,000 | 420,000 | 960,000 |
Sample Organizations:
When sizing an STM for an organization, throughput, concurrent clients, concurrent connections, and Emails processing capability should all be assessed against the characteristics of the organization. In the examples below, we have outlined potential sample organizations and the recommended STM appliances for each organization.
| Organization Characteristics | Suggested STM Model |
|---|---|
| 10 Mbps Throughput 100 concurrent clients 300 concurrently scanned HTTP connections 100,000 Emails / hour |
STM150 |
| 40 Mbps Throughput 250 concurrent clients 800 concurrently scanned HTTP connections 300,000 Emails / hour |
STM300 |
| 120 Mbps Throughput 500 concurrent clients 1600 concurrently scanned HTTP connections 700,000 Emails / hour |
STM600 |