Integrated SSL Scanning
Page 14 Finjan proprietary and confidential
Figure 7 - HTTPS Configuration
4.1 HTTPS Configurable Parameters
System administrators can configure the following HTTPS-related
parameters:
4.1.1 HTTP Service
HTTP Service Description
Listening IP For better system security, it is recommended to
configure the IP address as the IP address of the
corresponding physical interface.
Listening Port When working in explicit mode (proxy mode), this is
the port number for the HTTPS scanning service.
4.1.2 Advanced
HTTP Service Description
Allow SSLv2 Enables support for SSLv2 protocol. This option is
disabled by default. This protocol is non-secure and
should not be used unless there are compatibility
problems.
Allow SSLv3 Enables support for SSLv3 protocol. This option is
enabled by default.
Allow TLSv1 Enables support for SSLv1 protocol. This option is
enabled by default.
Use Diffie-Hellman Enables the use of Diffie-Hellman as the key
exchange mechanism between the client and the
proxy. This is enabled by default.
Allow Weak Cipher Suites Allows the choice of weak (non-secure) cipher suites
when performing an SSL handshake between Vital
Security and the HTTPS server. This option is
disabled by default.
To Next Page
Loading...
Need help?
General
