Content Filtering and Optimizing Scans
210
ProSecure Unified Threat Management (UTM) Appliance
Figure 116.
The HTTPS scanning process functions with the following principles:
• The UTM breaks up an SSL connection between an HTTPS server and an HTTP client in
two parts:
- A connection between the HTTPS client and the UTM
- A connection between the UTM and the HTTPS server
• The UTM simulates the HTTPS server communication to the HTTPS client, including the
SSL negotiation, certificate exchange, and certificate authentication. In effect, the UTM
functions as the HTTPS server for the HTTPS client.
• The UTM simulates the HTTPS client communication to the HTTPS server, including the
SSL negotiation, certificate exchange, and certificate authentication. In effect, the UTM
functions as the HTTPS client for the HTTPS server.
During SSL authentication, the HTTPS client authenticates three items:
• Is the certificate trusted?
• Has the certificate expired?
• Does the name on the certificate match that of the website?
If one of these items is not authenticated, a security alert message displays in the browser
window:
To Next Page
Loading...
