S T M U T M
New Product Introduction
ProSecure - STM & UTM Series
Oscar Castro.18. 09
Topics
• Security & Threat
• Definition of Threat
• Netgear Technologies
• STM
• UTM
• Other
Balance of Network Security
• Modern worms and viruses are coming too fast
• Move towards a security approach
• Optimal control: secure & flexible networking
Reference: Prosecure sales training Mod2 security overview v1
The security-minded strategy: Closed systems with incremental services as needed
The access-minded strategy: Open systems with incremental security as needed
Definition of Threat
• Before: for fun, to show off.
• Now: financial benefit, criminal.
• Threats are increasing fast: before 2007, 2M; 2008, 15M.
• Threats:

| Threat | Definition | Attack from |
|---|---|---|
| Virus | A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. | e-mail / web |
| Worm | A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs. | web / network |
| Trojan | Trojan horse (computing); a Trojan horse program | web |
Definition of Threat - Continue
| Threat | Definition | Attack from |
|---|---|---|
| Phishing | The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information. | |
| Spam | Electronic junk mail or junk newsgroup postings. | e-mail |
| Keylogger | Monitors the keyboard and takes your information without notice. | web |
| Malware | Short for malicious software: software designed specifically to damage or disrupt a system, such as a virus or a Trojan horse. | web / e-mail |
| Spyware | Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Nuisance spyware does not cause harm, while malicious spyware will harm the PC or system. | web |
| Rootkit | A rootkit is a type of malicious software that is activated each time your system boots up. Rootkits are difficult to detect because they are activated before your system's operating system has completely booted up. A rootkit often allows the installation of hidden files, processes, hidden user accounts, and more in the system's OS. Rootkits are able to intercept data from terminals, network connections, and the keyboard. | network / web |
| Zombies | A zombie is a computer that has been infected by a malicious software application, called a "bot". Once the bot is installed, the zombie computer can be controlled by a remote malicious user without the knowledge or permission of the computer's rightful owner. | web / network |
Layered Defense
Virus / Malware Scanning (Blended Threats, Productivity Loss, Spyware, worms, rootkits) (file based)
Intrusion Prevention (Protecting Webservers, Application exploits) (packet / stream-of-packets based)
Email – SPAM Prevention (Nefarious Email, Phishing, Viruses, Malware)
Firewall / Connection Screening (Hacking, Intruders, Pings of Death …) (packet based, speed)
Content Filtering (Inappropriate websites, Fraud, Phishing) (URL, content)
Application Control (IM, P2P, Network Misuse)
Reference: Prosecure sales training Mod4 Layered defence v1.pptx
Example of Layered Defense
• Firewall as the first line, on the network frontier.
• STM as the second line, for web and e-mail security.
• Anti-virus software on each PC.
In the case of UTM, the firewall and STM appliance are combined.
Layered Defense in Netgear
Virus / Malware Scanning (Blended Threats, Productivity Loss, Spyware, worms, rootkits) (file based)
Intrusion Prevention (Protecting Webservers, Application exploits) (packet / stream-of-packets based)
Email – SPAM Prevention (Nefarious Email, Phishing, Viruses, Malware)
Firewall / Connection Screening (Hacking, Intruders, Pings of Death …) (packet based, speed)
Content Filtering (Inappropriate websites, Fraud, Phishing) (URL, content)
Application Control (IM, P2P, Network Misuse)
Reference: Security Webinar -May09.pptx
[Diagram labels: UTM, STM]
Netgear Technology
• Web Security
• Mail Security
• Network Security
• Remote Access
Netgear Technology - Web Security
• All inbound and outbound content over HTTP, HTTPS (secure HTTP), and FTP is inspected for millions of known threats and unknown threats, proactively discovering and blocking threats to the network.
• Stream Scanning Technology,
– scans data streams as they enter the network
Netgear Technology - Web Security
• Netgear Hybrid In-the-cloud Distributed Web Analysis technology to filter malicious and unwanted URLs
– Limitless master database (in the cloud)
– Real-time in-the-cloud service
Netgear Technology - Email Security
• The NETGEAR® in-the-cloud Distributed Spam Analysis architecture continuously gathers data from more than 50 million sources from around the world.
• Detects and blocks outbreaks in real time, based on their rapid and wide distribution behavior, analyzing its distribution patterns, rather than its header information.
• Benefit:
– High Detection Rate – blocking upwards of 97% of spam
– Effectiveness against all spam – including double-byte languages and image-based spam
– Low False Positives – Less than 1 in 1.5 million reported false positives
Netgear Technology - Network Security
• Protect the network with the firewall function:
– Stateful packet inspection (SPI)
– Intrusion prevention system (IPS)
– Denial-of-service (DoS) protection
• The ProSecure UTM's network intrusion prevention and detection system utilizes a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods, preventing hackers from penetrating the network perimeter. IPS is not only important, but a necessity for any network security architecture.
Netgear Technology - Network Security
• The IPS engine performs protocol analysis, content searching/matching, and can also block or passively detect a variety of attacks and probes.
• Protects against outside threats, and can also prevent internal users from pulling in threats through misuse. Ex: block public IM (Skype, MSN) and P2P clients (BitTorrent).
Netgear Technology – Remote Access
• 2 groups of VPN (Virtual Private Network) tunnel:
– SSL (Secure Sockets Layer)
– IPsec (IP security)
• ProSecure UTM can provide easy, secure and cost-effective clientless remote access for any employee without complicated installations or PC administrative access. It uses a VPN channel, enabling users to securely and privately transfer information.
Topics
• Security & Threat
• Definition of Threat
• Netgear Technologies
• STM
• UTM
• Other
Netgear STM series
• ProSecure™ Web and Email Threat Management Appliance
• Targets SMB: friendly price but with enterprise quality.
• Enterprise-class Security (co-work with Kaspersky)
– Enterprise-class Anti-malware Engine: enterprise-level signatures, no compromise in performance.
– Zero Hour Threat Protection: malware signatures are automatically updated every hour, which limits the chance for attack.
– Industry-leading Anti-spam Engine: uses an "in the cloud" approach to feed global up-to-the-minute spam outbreak information to the appliance to stop new spam.
– Enterprise-class URL Filter: the URL filter not only blocks access to unwanted sites, but also blocks sites containing spyware.
– IM, P2P, Toolbar Application Control: enforce company network usage policies with the STM's application control feature.
• Revolutionary Stream Scanning Platform.
– Please refer to Netgear Technology - Web Security
• Simple Setup, Ease of Management
– No need to configure
– No "per user" licensing
Netgear STM series
STM150, STM300, STM600
| | STM150 | STM300 | STM600 |
|---|---|---|---|
| Customer type | Small to Medium Networks | Medium-sized Networks | Medium-sized Networks |
| Recommended Number of Concurrent Users | 20 - 150 | Up to 300 | Up to 600 |
| Concurrently Scanned HTTP Connections | 1,000 | 2,000 | 4,000 |
| HTTP Throughput (Mb/s) | 43 | 148 | 239 |
| SMTP Throughput (emails/hour) | 139,000 | 420,000 | 960,000 |
List of SKUs
Bundle
1. Hardware
2. Email Subscription
• Anti-Malware, Virus, Spyware, Trojans
• Anti-SPAM Email
3. Web Subscription
• Anti-Malware, Virus, Spyware, Trojans
• HTTP, FTP, real HTTPS protection
• Web Content Filtering
• Phishing
4. Maintenance Subscription
• Support & Maintenance
• Base Firewall and IPS
• Application Control
STM150, STM300, STM600- Skus
| Model | SKU | Description | List Price |
|---|---|---|---|
| STM150EW | STM150EW-100EUS | Bundle ProSecure™ Web and Email Threat Management Appliance STM150 (Hardware including 1-year Web, 1-year Email, and 1-year Software Maintenance & Upgrades) | |
| STM150 | STM150-100EUS | Hardware ProSecure™ Web and Email Threat Management Appliance STM150 (Additional Web and/or Email Subscription Required) | |
| STM150E | STM150E-10000S | 1 Year Email Threat Management Subscription for STM150 | |
| STM150E3 | STM150E3-10000S | 3 Year Email Threat Management Subscription for STM150 | |
| STM150M | STM150M-10000S | 1 Year Support & Maintenance Subscription for STM150 | |
| STM150M3 | STM150M3-10000S | 3 Year Support & Maintenance Subscriptions for STM150 | |
| STM150W | STM150W-10000S | 1 Year Web Threat Management Subscription for STM150 | |
| STM150W3 | STM150W3-10000S | 3 Year Web Threat Management Subscription for STM150 | |

EU SKUs are taken as the example.
Netgear UTM series
• ProSecure™ Unified Threat Management Appliance
• Targets SMB: friendly price but with enterprise quality, without compromises (in function, performance)
• Simple Setup, Ease of Management
– 10-step setup wizard
– Threat Monitor & Report
– No "per user" licensing
Netgear UTM series
• Features & Highlights:
– Best-of-Breed Anti-malware Engine: enterprise-class malware scan engine.
– NETGEAR Patent Pending Stream Scanning Technology
– Distributed Spam Analysis Anti-spam Technology: hybrid in-the-cloud architecture (p10)
– Distributed Web Analysis URL Filtering: next-generation hybrid in-the-cloud URL filtering technology
– Zero Hour Threat Protection
– NETGEAR Intrusion Prevention System
– IM and P2P Application Control
– SSL & IPsec VPN Remote Access
– Built-in VPN/Firewall
UTM10, UTM25
| | UTM10 | UTM25 |
|---|---|---|
| Customer type | Small Networks | Small Networks |
| Recommended Number of Concurrent Users | 1 - 15 | 10 - 30 |
| AV Throughput | 31 Mbps | 45 Mbps |
| Stateful Packet Inspection Firewall Throughput | 133 Mbps | 153 Mbps |
| WAN Ports / LAN Ports (Gigabit) | WAN 1 / LAN 4 | WAN 2 / LAN 4 |
| Concurrent Sessions | 8,000 | 20,000 |
| Web (HTTP, HTTPS, FTP) | ● | ● |
| Email (SMTP, POP3, IMAP) | ● | ● |
| Site to Site VPN Tunnel | 10 | 25 |
| SSL VPN for Remote Access | 5 | 13 |
UTM10, UTM25- Skus
| Model | SKU | Description | List Price |
|---|---|---|---|
| UTM10EW | UTM10EW-100EUS | Bundle ProSecure™ Web and Email Threat Management Appliance UTM10 (Hardware including 1-year Web, 1-year Email, and 1-year Software Maintenance & Upgrades) | |
| UTM10 | UTM10-100EUS | Hardware ProSecure™ Web and Email Threat Management Appliance UTM10 (Additional Web and/or Email Subscription Required) | |
| UTM10E | UTM10E-10000S | 1 Year Email Threat Management Subscription for UTM10 | |
| SUTM10E3 | UTM10E3-10000S | 3 Year Email Threat Management Subscription for UTM10 | |
| UTM10M | UTM10M-10000S | 1 Year Support & Maintenance Subscription for UTM10 | |
| UTM10M3 | UTM10M3-10000S | 3 Year Support & Maintenance Subscriptions for UTM10 | |
| UTM10W | UTM10W-10000S | 1 Year Web Threat Management Subscription for UTM10 | |
| UTM10W3 | UTM10W3-10000S | 3 Year Web Threat Management Subscription for UTM10 | |
More information
• Threat Monitor
Partners – Best of breed Technology Partners brings Enterprise Grade Security to SMB
| Technology | NETGEAR STM | NETGEAR UTM | Competition |
|---|---|---|---|
| Anti-Virus, Malware, Trojans, Phishing | Full; 1.6 Million Signatures | Full; 600K Signatures | Fortinet: Clam AV open source + their own 60K AV signatures. Watchguard: AVG 40K AV signatures. Sonicwall: Clam AV open source + their own 3.2K (TZ180/190) 27K (TZ210/NSA). Checkpoint: Kaspersky Lite SafeStream 11K. Barracuda: Clam AV open source + their own 100K AV signatures. ZyXEL: Kaspersky Lite SafeStream + their own 15K. |
| Anti-SPAM | Hybrid in-the-cloud; 50 Million sources | Hybrid in-the-cloud | Fortinet: RBL approach (Public Black Lists). Watchguard: Commtouch. Sonicwall: RBL approach (Public Black Lists). Checkpoint: SpamAssassin (Open source). Barracuda: SpamAssassin (Open source). ZyXEL: Mailshell. |
| Web Content Filtering | 100 M URLs; 64 categories | 100 M URLs; 64 categories | Fortinet: Self + unknown. Watchguard: SurfControl (Websense). Sonicwall: Self + unknown. Checkpoint: SurfControl (Websense). Barracuda: SpamAssassin (Open source). ZyXEL: Blue Coat. |
Reference:
• Netgear product information: http://www.prosecure.netgear.com/index.php
• Detailed competitor information: http://netshare/prosecure/ProSecure%20Collateral/Forms/AllItems.aspx
• Definition of terms: http://www.webopedia.com
• Prosecure sales training Mod2 security overview v1.pptx
• Prosecure sales training Mod4 Layered defence v1.pptx
• Security Webinar -May09.pptx