User's Manual
Table Of Contents
- ProSecure Web/Email Security Threat Management (STM) Appliance Reference Manual
- Contents
- About This Manual
- Chapter 1 Introduction
- Chapter 2 Using the Setup Wizard to Provision the STM in Your Network
- Choosing a Deployment Scenario
- Understanding the Steps for Initial Connection
- Logging In to the STM
- Using the Setup Wizard to Perform the Initial Configuration
- Setup Wizard Step 1 of 10: Introduction
- Setup Wizard Step 2 of 11: Networking Settings
- Setup Wizard Step 3 of 11: Time Zone
- Setup Wizard Step 4 of 11: Email Security
- Setup Wizard Step 5 of 11: Web Security
- Setup Wizard Step 6 of 11: Email Notification Server Settings
- Setup Wizard Step 7 of 11: Update Settings
- Setup Wizard Step 8 of 11: HTTP Proxy Settings
- Setup Wizard Step 9 of 11: Web Categories
- Setup Wizard Step 10 of 11: Configuration Summary
- Setup Wizard Step 11 of 11: Restarting the System
- Verifying Proper Installation
- Registering the STM with NETGEAR
- What to Do Next
- Chapter 3 Performing Network and System Management
- Configuring Network Settings
- Configuring Session Limits and Timeouts
- Configuring the HTTP Proxy Settings
- About Users with Administrative and Guest Privileges
- Configuring Remote Management Access
- Using an SNMP Manager
- Managing the Configuration File
- Updating the Software
- Configuring Date and Time Service
- Managing Digital Certificates
- Managing the Quarantine Settings
- Performance Management
- Chapter 4 Content Filtering and Optimizing Scans
- About Content Filtering and Scans
- Configuring E-mail Protection
- Configuring Web and Services Protection
- Configuring Application Control
- Setting Scanning Exclusions and Web Access Exceptions
- Chapter 5 Managing Users, Groups, and Authentication
- About Users, Groups, and Domains
- Configuring Groups
- Configuring User Accounts
- Configuring Authentication
- Global User Settings
- Viewing and Logging Out Active Users
- Chapter 6 Monitoring System Access and Performance
- Chapter 7 Troubleshooting and Using Online Support
- Appendix A Default Settings and Technical Specifications
- Appendix B Related Documents
- Index
ProSecure Web/Email Security Threat Management (STM) Appliance Reference Manual
Content Filtering and Optimizing Scans 4-37
v1.0, September 2009
If one of these is not satisfied, a security alert message appears in the browser window (see
Figure 4-16).
However, even when a certificate is trusted or still valid, or when the name of a certificate does
match the name of the Web site, a security alert message still appears when a user who is
connected to the STM visits an HTTPS site. The appearance of this security alert message is
expected behavior because the HTTPS client receives a certificate from the STM instead of
directly from the HTTPS server. If you want to prevent this security alert message from appearing,
install a root certificate on the client PC. The root certificate can be downloaded from the STM’s
User Portal Login screen (see Figure 5-7 on page 5-10).
If client authentication is required, the STM might not be able to scan the HTTPS traffic because
of the nature of SSL. SSL has two parts—client and server authentication. HTTPS server
authentication occurs with every HTTPS request, but HTTPS client authentication is not
mandatory, and rarely occurs. Therefore it is of less importance whether the HTTPS request comes
from the STM or from the real HTTPS client.
However, certain HTTPS servers do require HTTPS client certificate authentication for every
HTTPS request. Because of the design of SSL, the HTTPS client must present its own certificate
in this situation rather than using the one from the STM, preventing the STM from scanning the
HTTPS traffic. For information about certificates, see “Managing Digital Certificates” on page 3-
25.
You can specify trusted hosts for which the STM bypasses HTTPS traffic scanning. For more
information, see “Specifying Trusted Hosts” on page 4-39.
Figure 4-16