s t m u t m

New Product IntroductionProSecure- STM & UTM Series

Oscar Castro.18. 09

Topics

• Security & Threat• Definition of Threat • Netgear Technologies • STM • UTM • Other

Balance of Network Security

• Modern worms and viruses are coming too fast• Move towards a security approach• Optima control : secure & flexible networking

Reference: Prosecure sales training Mod2 security overview v1

The security minded strategy:Closed systems with incremental services as needed

The access minded strategy:Open systems with incremental security as needed

Definition of Threat

• Before: for fun, to show off, • Now: financial benefit, Criminal. • Threat increase so fast: before 2007, 2M; 2008,15M.• Threats:

Threat Definition Attack from

Virus

A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.

e-mail/ web

Worm A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other program

web/network

Trojan Trojan horse (computing), 木馬程式 web

Definition of Threat - Continue

Threat Definition Attack from

Phishing

The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user information

e-mail

Spam Electronic junk mail or junk newsgroup postings e-mail

Keylogger Monitor keyboard, and take your information with out notice. web

MalwareShort for malicious( 惡意 ) software, software designed specifically to damage or disrupt a system, such as a virus or a Trojan horse

web/ E-mail

Spyware

Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes.Nuisance spyware, which does not cause harm; while Malicious spyware will harm the PC or system.

web

Rootkit

A rootkit is a type of malicious software that is activated each time your system boots up. Rootkits are difficult to detect because they are activated before your system's Operating System has completely booted up. A rootkit often allows the installation of hidden files, processes, hidden user accounts, and more in the systems OS. Rootkits are able to intercept data from terminals, network connections, and the keyboard.

network / Web

Zombies

A zombie is a computer that has been infected by a malicious software application, called a "bot". Once the bot is installed, the zombie computer can be controlled by a remote malicious user without the knowledge or permission of the computer's rightful owner

web/network

Layered Defense

Virus / Malware Scanning(Blended Threats, Productivity Loss, Spyware, worms, rootkits)(File base)

Intrusion Prevention(Protecting Webservers, Application exploits) (packet/stream of packet base. )

Email – SPAM Prevention(Nefarious Email, Phishing, Viruses, Malware)

Firewall / Connection Screening(Hacking, Intruders, Pings of Death …), (packet base, speed)

Content Filtering(Inappropriate websites, Fraud, Phishing)URL. content

Application Control (IM, P2P, Network Misuse)

Reference: Prosecure sales training Mod4 Layered defence v1.pptx

Example of Layered Defense

• Firewall for first line on the network frontier.• STM in second line for web and e-mail security.• Anti-virus software in each PC.

In the case of UTM, combine Firewall & STM appliance

Layered Defense in Netgear

Virus / Malware Scanning(Blended Threats, Productivity Loss, Spyware, worms, rootkits)(File base)

Intrusion Prevention(Protecting Webservers, Application exploits) (packet/stream of packet base. )

Email – SPAM Prevention(Nefarious Email, Phishing, Viruses, Malware)

Firewall / Connection Screening(Hacking, Intruders, Pings of Death …), (packet base, speed)

Content Filtering(Inappropriate websites, Fraud, Phishing)URL. content

Application Control (IM, P2P, Network Misuse)

Reference: Security Webinar -May09.pptx

UT

MS

TM

Netgear Technology

• Web Security • Mail Security • Network Security • Remote Access

Netgear Technology - Web Security

• All inbound and outbound content over HTTP, HTTPS (secure HTTP), and FTP is inspected for millions of known threats and unknown threats, proactively discovering and blocking threats to the network.

• Stream Scanning Technology,

– scans data streams as they enter the network

Netgear Technology - Web Security

• Netgear Hybrid In the cloud Distributed Web Analysis technology to filter malicious and unwanted URLs– Limitless master database (in the cloud)

Real timeIn the cloud service

Netgear Technology - Email Security

• The NETGEAR® in-the-cloud Distributed Spam Analysis architecture continuously gathers data from more than 50 million sources from around the world.

• Detects and blocks outbreaks in real time, based on their rapid and wide distribution behavior, analyzing its distribution patterns, rather than its header information.

• Benefit: – High Detection Rate – blocking upwards of 97% of spam

– Effectiveness against all spam – including double-byte languages and image-based spam

– Low False Positives – Less than 1 in 1.5 million reported false positive

Netgear Technology - Network Security

• Protect the network by firewall function. – Stateful packet inspection (SPI),

– Intrusion prevention System (IPS),

– denial-of-service (DoS) protection

• The ProSecure UTM's network intrusion prevention and detection system utilizes a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods, preventing hackers from penetrating the network perimeter. IPS is not only important, but a necessity for any network security architecture.

Netgear Technology - Network Security

• The IPS engine performs protocol analysis, content searching/matching, and can also block or passively detect a variety of attacks and probes.

• Protect from out side threats, also can prevent internal users from pulling in threats due to misuse. Ex: block public IM: Skype, MSN. P2P client: Bit Torrent.

Netgear Technology – Remote Access

• 2 groups of VPN(Virtual private network) tunnel : – SSL (Secure Sockets Layer)– IPsec (IP security)

• ProSecure UTM can provide easy, secure and cost –effective clientless remote access for any employee without complicated installations or PC administrative access. Use VPN channel

enabling users

to securely and

privately transfer

information.

Topics

• Security & Threat• Definition of Threat • Netgear Technologies • STM • UTM • Other

Netgear STM series • ProSecure™ Web and Email Threat Management

Appliance• Target in SMB, friendly price but with enterprise quality.• Enterprise-class Security (Co-work with Kaspersky)

– Enterprise-class Anti-malware Engine: enterprise level signatures, no compromise in performance.

– Zero Hour Threat Protection : Malware signatures are automatic update every hour, so that limit the chance for attack.

– Industry-leading Anti-spam Engine: use “in the cloud” approach to feed global up-to-the-minutes spam outbreak information to the

appliance to stop new spam. – Enterprise-class URL Filter: The URL filter not only blocks access to

unwanted sites, but also blocks sites containing spyware.

– IM, P2P, Toolbar Application Control: Enforce company

network usage policies with the STM’s application control feature.

• Revolutionary Stream Scanning Platform. – Please refer to Netgear technology- web security

• Simple Setup, Ease of Management– No need to configure,

– No “per user” licensing

Netgear STM series

STM150, STM300, STM600

STM150 STM300 STM600

Customer type Small to Medium Networks

Medium-sized Networks

Medium-sized Networks

Recommended Number of Concurrent Users

20 - 150 Up to 300 Up to 600

Concurrently Scanned HTTP Connections

1,000 2,000 4,000

HTTP Throughput (Mb/s)

43 148 239

SMTP Throughput (emails/hour)

139,000 420,000 960,000

List of Skus

Bundle

1. Hardware

1. Email Subscription• Anti-Malware, Virus,

Spyware, Trojans• Anti-SPAM Email

• Web Subscription• Anti-Malware, Virus,

Spyware, Trojans• HTTP, FTP, real HTTPS

protection• Web Content Filtering• Phishing

• Maintenance Subscription• Support & Maintenance• Base Firewall and IPS• Application Control

STM150, STM300, STM600- Skus

Model SKU Description List Price

STM150EW STM150EW-100EUS Bundle ProSecure™ Web and Email Threat Management Appliance STM150  (Hardware including 1-year Web, 1-year Email, and 1-year Software Maintenance & Upgrades)

STM150 STM150-100EUS Hardware ProSecure™ Web and Email Threat Management Appliance STM150 (Additional Web and/or Email Subscription Required)

STM150E STM150E-10000S 1 Year Email Threat Management Subscription for STM150  

STM150E3 STM150E3-10000S 3 Year Email Threat Management Subscription for STM150

STM150M STM150M-10000S 1 Year Support & Maintenance Subscription for STM150

STM150M3 STM150M3-10000S 3 Year Support & Maintenance Subscriptions for STM150

STM150W STM150W-10000S 1 Year Web Threat Management Subscription for STM150

STM150W3 STM150W3-10000S 3 Year Web Threat Management Subscription for STM150

Take EU sku as example

Netgear UTM series

• ProSecure™ Unified Threat Management Appliance• Target in SMB, friendly price but with enterprise quality

without compromises (in function, performance) • Simple Setup, Easy of Management

– 10-step setup wizard– Threat Monitor & Report– No “Per user” licensing

Netgear UTM series

• Feature & Highlight: – Best-of-Breed Anti-malware Engine : Enterprise-class malware

scan engine.

– NETGEAR Patent Pending Stream Scanning Technology– Distributed Spam Analysis Anti-spam Technology: Hybrid in-

the-cloud architecture (p10)

– Distributed Web Analysis URL Filtering: Next generation hybrid in-the-cloud URL filtering technology

– Zero Hour Threat Protection

– NETGEAR Intrusion Prevention System

– IM and P2P Application Control

– SSL & IPsec VPN Remote Access

– Built-in VPN/Firewall

UTM10, UTM25

UTM10 UTM25

Customer type Small Networks Small Networks

Recommended Number of Concurrent Users 1 - 15 10 - 30

AV Throughput 31 Mbps 45 Mbps

Stateful Packet Inspection Firewall Throughput 133 Mbps 153 Mbps

WAN Ports / LAN Ports (Gigabit) WAN 1 / LAN 4 WAN 2 / LAN 4

Concurrent Sessions 8,000 20,000

Web (HTTP, HTTPS, FTP) ● ●

Email (SMTP, POP3, IMAP) ● ●

Site to Site VPN Tunnel 10 25

SSL VPN for Remote Access 5 13

UTM10, UTM25- Skus

Model SKU Description List Price

UTM10EW UTM10EW-100EUS Bundle ProSecure™ Web and Email Threat Management Appliance UTM10  (Hardware including 1-year Web, 1-year Email, and 1-year Software Maintenance & Upgrades)

UTM10 UTM10-100EUS Hardware ProSecure™ Web and Email Threat Management Appliance UTM10 (Additional Web and/or Email Subscription Required)

UTM10E UTM10E-10000S 1 Year Email Threat Management Subscription for UTM10  

SUTM10E3 UTM10E3-10000S 3 Year Email Threat Management Subscription for UTM10

UTM10M UTM10M-10000S 1 Year Support & Maintenance Subscription for UTM10

UTM10M3 UTM10M3-10000S 3 Year Support & Maintenance Subscriptions for UTM10

UTM10W UTM10W-10000S 1 Year Web Threat Management Subscription for UTM10

UTM10W3 UTM10W3-10000S 3 Year Web Threat Management Subscription for UTM10

More information

• Threat Monitor

Partners – Best of breed Technology Partners brings Enterprise Grade Security to SMB

Technology NETGEAR STM NETGEAR UTM Competition

Anti-Virus MalwareTrojansPhishing

Full1.6 Million Signatures

Full600K Signatures

Fortinet : Clam AV open source + their own 60K AV signatures.Watchguard : AVG 40K AV signatures.Sonicwall : Clam AV open source + their own 3.2K (TZ180/190) 27K (TZ210/NSA)Checkpoint : Kaspersky Lite SafeStream 11K Barracuda : Clam AV open source + their own 100K AV signatures.ZyXEL : Kaspersky Lite SafeStream + their own 15K

Anti-SPAM

Hybrid in-the-cloud50 Millions sources

Hybrid in-the-cloud

Fortinet : RBL approach (Public Black Lists)Watchguard : CommtouchSonicwall : RBL approach (Public Black Lists)Checkpoint : SpamAssassin (Open source)Barracuda : SpamAssassin (Open source)ZyXEL : Mailshell

WebContent- Filtering 100 M URLs

64 categories100 M URLs 64 categories

Fortinet : Self + unknownWatchguard : SurfControl (Websense)Sonicwall : Self + unknownCheckpoint : SurfControl (Websense)Barracuda : SpamAssassin (Open source)ZyXEL : Blue Coat

Reference:

• Netgear Product information http://www.prosecure.netgear.com/index.php

• Detail Competitors informationhttp://netshare/prosecure/ProSecure%20Collateral/Forms/AllItems.aspx

• Definition of terms : http://www.webopedia.com• Prosecure sales training Mod2 security overview v1.pptx• Prosecure sales training Mod4 Layered defence v1.pptx• Security Webinar -May09.pptx