ZyXEL Communications ATP800 - Certificate Cache List

852 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Chapter 6 Monitor

ZyWALL ATP Series User’s Guide

173

6.35.1 Certificate Cache List

SSL traffic to a server to be excluded from SSL Inspection is identified by its certificate. Traffic in an

Exclude List is not intercepted by SSL Inspection.

Click Monitor > Security Statistics > SSL Inspection > Certificate Cache List to display a screen that shows

details on SSL traffic going to servers identified by its certificate and an option to add that traffic to the

Exclude List.

Figure 143 Monitor > Security Statistics > SSL Inspection > Certificate Cache List

The following table describes the labels in this screen.

Decrypted (Kbytes) This shows the number of kilobytes (KB) of data that was decrypted for Security

Service inspection.

Encrypted (Kbytes) This shows the number of kilobytes (KB) of data that was re-encrypted after Security

Service inspection and then forwarded.

Sessions Blocked This shows the number of SSL sessions blocked.

Sessions Passed This shows the number of SSL sessions passed.

Table 67 Monitor > Security Statistics > SSL Inspection > Summary (continued)

LABEL DESCRIPTION

Table 68 Monitor > Security Statistics > SSL Inspection > Certificate Cache List

LABEL DESCRIPTION

Certificate Cache List

Add to Exclude list Select and item in the list and click this icon to add the common name (CN) to the

Exclude List.

# This field is a sequential value, and it is not associated with a specific entry.

In Exclude List If any one of common name, DNS name, email address or IP address of the

certificate is in the Exclude List, then traffic to the server identified by the certificate is

excluded from inspection.

The icons here are defined as follows:

• Gray: The identity of the certificate is not in the Exclude List

• Green: The common name of the certificate is in the Exclude List

• Yellow: The common name of certificate is not in the Exclude List but one of the

DNS name, email address or IP address is.

Time This is the latest date (yyyy-mm-dd) and time (hh-mm-ss) that the record in the

certificate cache list was met.

Common Name This displays the common name in the certificate of the SSL traffic destination server.

Table of Contents

Other manuals for ZyXEL Communications ATP800

Handbook810 pages

Related product manuals

ZyXEL Communications ATP200

Preview: ZyWall ATP series

ZyWall ATP series

Preview: ZyXEL Communications 310

ZyXEL Communications 310

Preview: ZyXEL Communications USG40

ZyXEL Communications USG40

Preview: ZyXEL Communications USG60

ZyXEL Communications USG60

Preview: ZyXEL Communications ZyWall

ZyXEL Communications ZyWall

ZyXEL Communications USG60W

Preview: ZyXEL Communications USG310

ZyXEL Communications USG310

Preview: ZyXEL Communications ZYWALL 5

ZyXEL Communications ZYWALL 5

Preview: ZyXEL Communications ZyWall 110

ZyXEL Communications ZyWall 110

ZyXEL Communications ZyWALL 310

Preview: ZyWALL USG-Series

ZyWALL USG-Series