Netgear Tackles SMB Security with ProSecure Appliances

Netgear’s purchase of security vendor CP Secure is starting to bear fruit, with the introduction of the STM series of ProSecure appliances designed specifically for the SMB marketplace. The STM product line blocks spam, removes e-mail-borne malware and provides protection against Web-based malware.

The STM series comes in three models: the low-end STM 150 (designed for 150 concurrent users), the STM 300 (for up to 300 concurrent users) and the STM 600 (for up to 600 concurrent users). Netgear looks to differentiate the STM series from competing e-mail security appliances, such as those from Barracuda Networks and Cisco Systems, by offering the ability to scan all Web traffic for malware, not just e-mail traffic.

Adding another security capability can impact performance and introduce latency, so Netgear addressed that concerns by scanning files and data streams in parallel, which helps to keep things speedy.

Combining e-mail security with Web security is a wise move for Netgear. The typical SMB needs both types of security and will find a single appliance solution more economical than having to integrate multiple products to meet those security needs. But Netgear could have gone a little farther than that combination by incorporating an SPI Firewall and other security features into the device. The STM series is designed to be installed between the corporate firewall and the internal LAN—that means a separate firewall/router is required to protect LANs from denial-of-service attacks, intrusions and many of the other Internet-borne threats.

In tune with the needs of small businesses, the STM appliances use a subscription-based service to keep the security features up-to-date. Combining subscription-based services with a hardware appliance offers the best of both worlds to smaller sites. An on-site appliance proves to be faster to deploy and easier to manage, while the subscription-based services provide 24/7 protection with zero-day capabilities. What’s more, the security appliance takes on a managed services flavor, which should increase its appeal to solution providers servicing small businesses.

The STM 150 has a street price of around £700 and the included security services are licensed for the device and not by the number of seats needed. That helps to keep costs manageable and eliminates the unflexible pricing that has become so common with security software, products and services.

The device is a 1U unit that features five 10/100 Ethernet ports, four of which are designated for the local LAN and one for the firewall connection. The idea is to place the device between the firewall and the local LAN, which offers layered protection. The device combines a hosted security service with local malware processing. The STM 150 uses Netgear’s proprietary Stream Scanning architecture, which allows parallel processing by the various security engines in use to reduce latency and maximise throughput.

The anti-malware engine uses technology from Kaspersky Lab, while the e-mail scanning engine uses technology from Commtouch. Both engines employ heuristics to delve deeper into the data and identify malicious code, corrupted links and the like. The use of heuristics helps the product to block “unknown” threats, threats that have not yet been identified and do not have a “signature” associated with them.

Spam analysis takes place in the cloud and is one of the primary reasons why Netgear has created a hybrid security solution. Moving spam analysis off of the local appliance offers several advantages. Analysis can be more thorough and up-to-date when using a service as opposed to performing the task locally, which would require frequent updating of the device.

Also, infected e-mail is never delivered to the local network, as the spam is contained on the remote services infrastructure. That helps to improve Web access speed and reduces the workload and storage needs of the local e-mail server.

Netgear applies the same logic to URL filtering, which is also handled in the cloud. The unit can filter URLs based upon 64 categories. The URL filtering technology extends to also block other Web services, such as instant messaging, Flash, ActiveX and Web-based tool bars.

While the features and capabilities of STM 150 make it seem complicated, administrators will be surprised at how easy it is to deploy and set up the unit. A basic configuration can be done in less than 10 minutes and requires little more than plugging the unit in and running a setup wizard.

Administrators will find the browser-based management console easy to use. Its menus are well-defined and use simple check boxes to enable features. What’s more, context-sensitive help offers good descriptions and examples for deployment.

While the STM 150 offers a good feature mix, there are some absent capabilities–such as quarantine, Active Directory integration and P2P application controls. Solution providers in need of those capabilities will have to wait until later this year, when Netgear plans to update the software package.

With the STM series, Netgear has demonstrated that it can play with the big boys in the SMB security appliance market. Although the device is far from perfect, it offers an excellent feature mix at a price that is very affordable to even the smallest of businesses. The simplified licensing and management make the product a natural for solution providers servicing accounts with less than 300 users, while the integration of hosted security services keeps the device up-to-date with little fuss or muss.

Netgear is selling the ProSecure exclusively through channel partners. It has no plans to sell the devices through the retail channels.