Inside the ProSecure STM 150

By Frank Ohlhorst  |  Print this article Print

The ProSecure series of Security Threat Management appliances offers e-mail and Web threat management for small businesses with enterprise security needs by combining SAAS security with on-site hardware.

The STM 150 has a street price of around $1,000 and the included security services are licensed for the device and not by the number of seats needed. That helps to keep costs manageable and eliminates the nickel-and-dime pricing that has become so common with security software, products and services.

The device is a 1U unit that features five 10/100 Ethernet ports, four of which are designated for the local LAN and one for the firewall connection. The idea is to place the device between the firewall and the local LAN, which offers layered protection. The device combines a hosted security service with local malware processing. The STM 150 uses Netgear’s proprietary Stream Scanning architecture, which allows parallel processing by the various security engines in use to reduce latency and maximize throughput.

The anti-malware engine uses technology from Kaspersky Lab, while the e-mail scanning engine uses technology from Commtouch. Both engines employ heuristics to delve deeper into the data and identify malicious code, corrupted links and the like. The use of heuristics helps the product to block "unknown" threats, threats that have not yet been identified and do not have a "signature" associated with them.

Spam analysis takes place in the cloud and is one of the primary reasons why Netgear has created a hybrid security solution. Moving spam analysis off of the local appliance offers several advantages. Analysis can be more thorough and up-to-date when using a service as opposed to performing the task locally, which would require frequent updating of the device.

Also, infected e-mail is never delivered to the local network, as the spam is contained on the remote services infrastructure. That helps to improve Web access speed and reduces the workload and storage needs of the local e-mail server.

Netgear applies the same logic to URL filtering, which is also handled in the cloud. The unit can filter URLs based upon 64 categories. The URL filtering technology extends to also block other Web services, such as instant messaging, Flash, ActiveX and Web-based tool bars.

While the features and capabilities of STM 150 make it seem complicated, administrators will be surprised at how easy it is to deploy and set up the unit. A basic configuration can be done in less than 10 minutes and requires little more than plugging the unit in and running a setup wizard.

Administrators will find the browser-based management console easy to use. Its menus are well-defined and use simple check boxes to enable features. What’s more, context-sensitive help offers good descriptions and examples for deployment.

While the STM 150 offers a good feature mix, there are some absent capabilities–such as quarantine, Active Directory integration and P2P application controls. Solution providers in need of those capabilities will have to wait until later this year, when Netgear plans to update the software package.

With the STM series, Netgear has demonstrated that it can play with the big boys in the SMB security appliance market. Although the device is far from perfect, it offers an excellent feature mix at a price that is very affordable to even the smallest of businesses. The simplified licensing and management make the product a natural for solution providers servicing accounts with less than 300 users, while the integration of hosted security services keeps the device up-to-date with little fuss or muss.

Netgear is selling the ProSecure exclusively through channel partners. It has no plans to sell the devices through the retail channels.



Frank Ohlhorst Frank J. Ohlhorst is the Executive Technology Editor for eWeek Channel Insider and brings with him over 20 years of experience in the Information Technology field.He began his career as a network administrator and applications program in the private sector for two years before joining a computer consulting firm as a programmer analyst. In 1988 Frank founded a computer consulting company, which specialized in network design, implementation, and support, along with custom accounting applications developed in a variety of programming languages.In 1991, Frank took a position with the United States Department of Energy as a Network Manager for multiple DOE Area Offices with locations at Brookhaven National Laboratory (BNL), Princeton Plasma Physics Laboratory (PPL), Argonne National Laboratory (ANL), FermiLAB and the Ames Area Office (AMESAO). Frank's duties included managing the site networks, associated staff and the inter-network links between the area offices. He also served at the Computer Security Officer (CSO) for multiple DOE sites. Frank joined CMP Technology's Channel group in 1999 as a Technical Editor assigned to the CRN Test Center, within a year, Frank became the Senior Technical Editor, and was responsible for designing product testing methodologies, assigning product reviews, roundups and bakeoffs to the CRN Test Center staff.In 2003, Frank was named Technology Editor of CRN. In that capacity, he ensured that CRN maintained a clearer focus on technology and increased the integration of the Test Center's review content into both CRN's print and web properties. He also contributed to Netseminar's, hosted sessions at CMP's Xchange Channel trade shows and helped to develop new methods of content delivery, Such as CRN-TV.In September of 2004, Frank became the Director of the CRN Test Center and was charged with increasing the Test Center's contributions to CMP's Channel Web online presence and CMP's latest monthly publication, Digital Connect, a magazine geared towards the home integrator. He also continued to contribute to CMP's Netseminar series, Xchange events, industry conferences and CRN-TV.In January of 2007, CMP Launched CRNtech, a monthly publication focused on technology for the channel, with a mailed audience of 70,000 qualified readers. Frank was instrumental in the development and design of CRNTech and was the editorial director of the publication as well as its primary contributor. He also maintained the edit calendar, and hosted quarterly CRNTech Live events.In June 2007, Frank was named Senior Technology Analyst and became responsible for the technical focus and edit calendars of all the Channel Group's publications, including CRN, CRNTech, and VARBusiness, along with the Channel Group's specialized publications Solutions Inc., Government VAR, TechBuilder and various custom publications. Frank joined Ziff Davis Enterprise in September of 2007 and focuses on creating editorial content geared towards the purveyors of Information Technology products and services. Frank writes comparative reviews, channel analysis pieces and participates in many of Ziff Davis Enterprise's tradeshows and webinars. He has received several awards for his writing and editing, including back to back best review of the year awards, and a president's award for CRN-TV. Frank speaks at many industry conferences, is a contributor to several IT Books, holds several records for online hits and has several industry certifications, including Novell's CNE, Microsoft's MCP.Frank can be reached at frank.ohlhorst@ziffdavisenterprise.com

Submit a Comment

Loading Comments...