Netgear ProSecure STM600 web security gateway
Although the Netgear ProSecure STM600 doesn't match the feature set and flexibility of some of the high-end web security gateways from vendors such as Bluecoat, Cisco and Trend Micro, it has a robust and solid design appropriate to midsized and small businesses
- Good web interface
- Doesn't match the feature set and flexibility of some high-end web security gateways,
By making a serious attempt to match the web security needs of small businesses, Netgear has created a product that sits between the relatively spare feature set of the UTM firewall and the expensive depth of enterprise-class web security gateways. The Netgear ProSecure STM600 gives network managers an excellent option to add web security at a reasonable price with minimum risk.
The Netgear ProSecure STM600 security appliance takes on small-to-midsize business stalwarts such as Fortinet and Barracuda by including antispam, antimalware, and web content filtering in a single unit that offers easy deployment and budget-preserving pricing.
We tested the Netgear ProSecure STM600, the high-end appliance Netgear started shipping in November, and found that it does an adequate job of blocking what you don't want, while making a minimal intrusion into your network.
The Netgear ProSecure STM600 combines two main functions in a single appliance. First is email protections, including antispam and antimalware, as well as some content filtering. Second is web and FTP client protections, including antimalware and content filtering.
The Netgear ProSecure STM600 has an easy-to-use web-based interface, and a separate out-of-band management port, which is a nice feature. In general, most network managers will be able to configure the STM600 in just a few minutes.
The email protection features work on SMTP, POP3 and IMAP4 protocols. You identify what ports you're running these three protocols on, and then define a fairly simple policy on how to handle traffic.
Web protection is slightly more sophisticated. You start with the same configuration: define what ports you run HTTP, Secure-HTTP and FTP on, then say which policies will apply. The Netgear ProSecure STM600 supports malware scanning, content filtering (such as blocking .EXE files or online shopping sites), URL filtering with your own block/allow lists of URLs and sites, application filtering for a list of about 18 common applications, such as BitTorrent, GoToMyPC, and Yahoo Messenger, plus man-in-the-middle HTTPS scanning.
The Netgear ProSecure STM600 also allows HTTP users to authenticate themselves using a Web page, and you can use this authentication to apply exceptions to your basic policy.
Netgear ProSecure STM600: inline ins and outs
The Netgear ProSecure STM600 acts as a "bump in the wire", meaning that it sits transparently in your network, doing its job, without any additional configuration of your web clients, mail servers or DNS. That's quite a departure from other products in this space, which usually act as separate email servers or web proxies.
The advantage is that you don't have to touch anything. But there are also disadvantages. The most obvious is that now the Netgear ProSecure STM600 is sitting "inline" in your network, controlling all traffic. If the STM600 locks up or otherwise starts misbehaving, everything can slow down or be cut off entirely.
Netgear partially works around this by putting fail-open ports on the STM600, which let traffic pass through untouched if the Netgear ProSecure STM600 loses power. We tested this and found that the STM600 is only "mostly" transparent. Both when we power-cycled it, and when it rebooted, we had to clear ARP caches before communications would resume. You've got to be comfortable putting another device in the critical path between your network and the internet to consider this approach.
Another unusual part of the Netgear ProSecure STM600 configuration is that you don't really make it aware of IP addresses, only ports to scan. This means that, by default, the STM600 will scan traffic to every IP address on the ports you list. That can be a benefit, or it could cause mysterious network problems if you don't realise that even your test lab is being filtered. Fortunately, there is a way to exclude specific IP addresses or subnets from scanning.
Join the newsletter!
cloudandco Smart Cane
SanDisk MicroSDXC™ for Nintendo® Switch™
WD MY PASSPORT™ X Gaming Storage
Panasonic OLED 4K Ultra HD TV - TH-77EZ1000U
Bang and Olufsen BeoVision 14
Dyson Supersonic™ Hair Dryer Fuchsia/Iron
Apple iPhone X
Panasonic OLED 4K Ultra HD TV - TH-55EZ950U
Nespresso Creatista Coffee Machine
Breitling Superocean Heritage Chronographe 44
Toys for Boys
Bose SoundLink Micro
Onyx Smart Walkie Talkie
Google Daydream View VR Headset
LaCie Rugged USB-C Portable Hard Drive
Leica M10 Digital Rangefinder Camera
Propel Star Wars T-65 X-Wing Drone
Lego Mindstorms EV3
Ubiquiti Network’s Front Row Camera
Nest Protect Smart Smoke Alarm
Xbox One X
iRobot Roomba 980 Vaccum Cleaning Robot
Belkin Pocket Power 10,000mAh
PETKIG Go Smart Dog Leash
Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K
WD MY CLOUD™ HOME Personal Cloud Storage
Amazon Echo Bluetooth Speaker
Toffee Bags Commuter Satchel
Dearear Endear In-ear Wireless Earphones
Panasonic Hi-Fi - SC-UA7GS-K
Raspberry Pi Starter Kit
3SIXT 3-in-1 Smartphone Lens Kit
Kogan Bluetooth Soundbar
Ikea NORDMÄRKE Wireless Charging Pad
Panasonic Portable Splashproof Fun - RF-D20U
Logitech Doodle Collection Wireless Mouse
Razer DeathAdder Expert Ergonomic Gaming Mouse
Lexon Flip Alarm Clock
Tile Pro Bluetooth Tracker
Urbanworx Full HD Action Camera
Most Popular Reviews
- 1 Huawei Mate 10 Pro Review: A solid winter flagship that cribs from the best
- 2 Google Pixel 2 review: not quite 'pixel perfect' but damn close
- 3 Huawei Nova 2i review: Flagship features get smuggled into the mid-tier
- 4 Moto X4 review: This is what a world without MotoMods looks like
- 5 Giabyte Aorus X9 Gaming Laptop review: Full, in-depth review
Latest News Articles
- ASUS Announces Two New Entries into the VivoBook Range with the VivoBook 14 and VivoBook 15
- US says laptop ban may expand to more airports
- Epson launches new high-speed Enterprise inkjet printer
- HP's Spectre x360 puts Kaby Lake and Thunderbolt into a thinner, faster package
- HP upgrades the Envy 13 laptop with Kaby Lake, debuts the 4K Envy 27 display
PCW Evaluation Team
It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.
Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.
The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.
The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.
The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic
I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.
- Huawei Mate 10 Pro review
- The Best Australian Black Friday Tech Deals That Aren't On Amazon
- Wolfenstein The New Colossus Review
- What's the difference between an Intel Core i3, i5 and i7?
- Laser vs. inkjet printers: which is better?
Product Launch Showcase
- FTMid-Level Software EngineerOther
- FTCustomer Service RepresentativeOther
- FTTest Automation EngineerVIC
- FTSenior DevOps LeadVIC
- FTJava Software Engineers wanted (Melbourne CBD location)VIC
- CCIntel IT ArchitectNSW
- CCScrum Master - BrisbaneNSW
- TPEL1 Business AnalystACT
- CCJunior to Mid Level - Java/ J2EE DeveloperNSW
- CCNetwork DesignerQLD
- FTSenior Business AnalystOther
- FTProject ManagerQLD
- FTIntegration Specialist (HL7)Other
- CCChange AnalystVIC
- TPWeb DeveloperACT
- CCSystem Analyst - AxwayACT
- CC.Net / AngularJS DeveloperVIC
- FTDigital Content Manager | AEM , HTML and CSSOther
- FTMarketing Operations ManagerNSW
- FTBusiness Analyst - Contract - $650 per dayOther
- TPSolution Architect - Cloud InfrastructureQLD
- FTJunior Front End DeveloperOther
- FTInfrastructure Design Engineer, DC Power, CommunicationsOther
- FTReporting AnalystQLD
- CCWeb Applications Project ManagerACT