Integrated SSL Scanning
Figure 9 - Allowed Server Ports Settings
5. Transparent HTTPS
Transparent HTTPS Scanning allows system administrators to
transparently redirect users to the Scanning Server, without the need to
configure proxy settings for the users. This can be done by using one of
the following methods:
♦ Layer 4 Switch: By using a third-party layer 4 switch, it is possible to
redirect all traffic destined for port 443 (or any other port) to the
Scanning Server.
♦ WCCP: By using a WCCP-enabled router or switch, it is possible to
redirect all traffic destined for port 443 (or any other port) to the
Scanning Server.
♦ Firewall Redirection: Some firewall vendors support the ability to
transparently redirect traffic to third-party vendors. In this case, a
firewall policy can redirect all HTTPS traffic to the Scanning Server.
NOTE: User authentication is not supported in conjunction with
Transparent HTTPS. User identification is based on
source IP address only.
Due to the nature of the HTTPS protocol, when the End-User sends
HTTPS traffic in transparent mode, Finjan’s Vital Security Scanning Server
does not see the requested host (it sees only the destination IP
address), so policies related to the URL (such as bypass scanning or
URL categorization) do not work.