33.2.2 Add / Edit SSL Inspection Profiles
Click Configuration > Security Service > SSL Inspection > Profile > Add to create a new profile or select
an existing profile and click Edit to change its settings.
Figure 371 Configuration > Security Service > SSL Inspection > Profile > Add / Edit
The following table describes the fields in this screen.
Table 229 Configuration > Security Service > SSL Inspection > Profile > Add / Edit
LABEL
Name
Description
CA Certificate
SSL/TLS version
supported
minimum
Log
Chapter 33 SSL Inspection
DESCRIPTION
This is the name of the profile. You may use 1-31 alphanumeric characters, underscores(
dashes (-), but the first character cannot be a number. This value is case-sensitive. These are
valid, unique profile names:
• MyProfile
• mYProfile
• Mymy12_3-4
These are invalid profile names:
• 1mYProfile
• My Profile
• MyProfile?
• Whatalongprofilename123456789012
Enter additional information about this SSL Inspection entry. You can enter up to 60 characters
("0-9", "a-z", "A-Z", "-" and "_").
This contains the default certificate and the certificates created in Object > Certificate > My
Certificates. Choose the certificate for this profile.
SSL Inspection supports SSLv3, TLS1.0, TLS1.1, and TLS1.2 to use Secure Sockets Layer (SSL) or
Transport Layer Security (TLS) if you want encrypted traffic.
These are the log options for unsupported traffic that matches traffic bound to this policy:
•
no: Select this option to have the Zyxel Device create no log for unsupported traffic that
matches traffic bound to this policy.
•
log: Select this option to have the Zyxel Device create a log for unsupported traffic that
matches traffic bound to this policy
•
log alert: An alert is an emailed log for more serious events that may need more immediate
attention. They also appear in red in the Monitor > Log screen. Select this option to have the
Zyxel Device send an alert for unsupported traffic that matches traffic bound to this policy.
ZyWALL ATP Series User's Guide
572
), or
_