Netgear ProSecure STM150 review
The launch of the ProSecure STM family signals Netgear’s first move into web and messaging content security. It keeps the focus on its traditional target market of SMBs, offering three appliances that all deliver the same features but with varying degrees of processing power.
The ProSecure is a result of Netgear’s acquisition of Chinese company CP Secure in 2008. The latter had almost no visibility in the UK, but a quick glance at the ProSecure’s credentials shows it capable of offering a formidable array of security measures.
Kaspersky looks after antivirus and anti-malware scanning, while Commtouch’s RPD (recurrent pattern detection) and GlobalView services handle anti-spam and URL filtering. CP Secure’s main contribution is its stream scanning technology, which scans traffic as it enters the network rather than waiting for an entire file to be received, effectively providing near real-time scanning at the gateway.
Aimed at small networks with between 20 and 100 concurrent users, the STM150 functions as a transparent bridge, to be dropped in behind an existing firewall, with no requirement for client configuration. You get four Gigabit LAN ports and a single Gigabit WAN port, but hardware bypass circuits are provided only on the larger STM300 and 600 appliances, so if the appliance fails you’ll lose internet access.
Installation is a cinch and the tidy browser interface offers a wizard to help set up management access, web and mail scanning, email notification and automatic update checks. Web scanning includes HTTP, HTTPS and FTP, and you can pick and choose from 64 URL categories. Email quarantining and IM and P2P app controls are features slated for later this year and, unlike the A-Listed eSoft ThreatWall 450, it doesn’t offer authentication so you can’t have multiple security policies applied to different users and groups.
Mail scanning covers SMTP, POP3 and IMAP; you have white and blacklists, and RBLs and heuristics, where the latter allows suspect messages to be tagged. An internal SATA hard disk means that quarantining can be implemented as a software update.
Anti-spam is good with Commtouch at the helm. During testing, we set spam to be tagged and set Outlook to drop them into a separate folder. After leaving the appliance scanning for a week, we saw a 95% spam success rate with less than 5% false-positives.
URL filtering is excellent, as with the gambling category selected we Googled for online poker sites and gave up after being blocked from the first 50 sites visited. Access was also barred from bingo and other online games sites, and the social-networking category kept our users away from the likes of Facebook and MySpace. There’s also a useful lookup function, where you enter a URL and it will tell you what its category is.
Although the STM150 delivers in the performance stakes and is priced right for SMBs, it needs the extra features planned for later this year to make it a more complete security solution.
|Warranty RTB years||2|
|Warranty extra information|
|Server configuration||Desktop chassis|
|CPU nominal frequency||1.50GHz|
|Hard disk configuration||160GB SATA hard disk|
|Total hard disk capacity||80|
|Gigabit LAN ports||5|
|10/100 LAN ports||0|