Netgear’s latest STM security appliances - the result of its acquisition of Chinese company CP Secure in 2008 - move it firmly into the web and message content security market. The family consists of three appliances with the STM300 in this exclusive review targeting mid-sized businesses with up to 300 concurrent users.

Netgear did actually launch these appliances a few months ago but at the time a number of important features had yet to be implemented. This has now been remedied so the STM300 includes the missing quarantining, IM and P2P app controls and support for Active Directory.

Few in the UK will have heard of CP Secure, but rest assured the STM300 offers a powerful partnership of security measures. Kaspersky looks after anti-virus and anti-malware scanning whilst Commtouch’s RPD (recurrent pattern detection) and GlobalView services handle anti-spam and URL filtering.

The main contribution from CP Secure is its stream scanning technology. This uses a multithreaded approach which starts scanning and analysing traffic as it enters the network. Instead of waiting for a complete file to be received it scans bytes as they arrive and uses another thread to deliver them effectively providing near real-time scanning.

The STM300 is a 1U rack mount appliance offering a triplet of Gigabit ports with one for dedicated management access. The other two incorporate a hardware bypass circuit so if the appliance fails it won’t take your internet connection with it.

Installation is swift as all STM appliances function as transparent gateways. For testing we just dropped the STM300 in between our LAN and main firewall without having to reconfigure our test clients. However, it would add value if Netgear implemented the SPI firewall included in its UTM appliances as smaller businesses could then use one appliance for all their gateway security needs.

The web interface is basic but intuitive and a quick start wizard gets you off the starting blocks. This assists with securing management access and configuring web and mail scanning services and email notification. All signature and database updates can be automated and checks can be as frequent as every 15 minutes.

The GlobalView URL filtering provides 64 categories to pick and choose from whilst mail scanning covers SMTP, POP3 and IMAP protocols. An unusual feature at this price point is the ability to scan HTTPS as well as HTTP and FTP web traffic.

Along with the CommTouch RPD, Netgear’s anti-spam arsenal also includes black and white lists, RBLs and heuristics where the later allows suspect messages to be tagged. Mail content filters are relatively basic as you can filter by keywords in the subject line or attachment filename or extension but not by actual message content.

The appliance can now remove and quarantine suspect attachments from inbound and outbound mail before passing the message on. The quarantine area is implemented on the internal hard disk and can also be used for dumping dodgy...

Author: Dave Mitchell

Read more from IT PRO: Netgear ProSecure STM300