ZyXEL Communications ZyWALL 1100 User Manual page 502
Zywall/usg series
Hide thumbs
Also See for ZyWALL 1100:
- User manual (994 pages) ,
- Handbook (749 pages) ,
- Reference manual (665 pages)
Table of Contents
Advertisement
The following table describes the fields in this screen.
Table 202 Configuration > UTM Profile > SSL Inspection > Profile > Add / Edit
LABEL
DESCRIPTION
Name
This is the name of the profile. You may use 1-31 alphanumeric characters,
underscores(
case-sensitive. These are valid, unique profile names:
• MyProfile
• mYProfile
• Mymy12_3-4
These are invalid profile names:
• 1mYProfile
• My Profile
• MyProfile?
• Whatalongprofilename123456789012
Description
Enter additional information about this SSL Inspection entry. You can enter up to 60
characters ("0-9", "a-z", "A-Z", "-" and "_").
CA Certificate
This contains the default certificate and the certificates created in Object > Certificate >
My Certificates. Choose the certificate for this profile.
Severity Level
Select a severity level and these use the icons to enable/disable and configure logs and
actions for all signatures of that level.
Action for
SSL Inspection supports SSLv3 and TLS1.0. Select to pass or block SSLv2 traffic that
connection with
matches traffic bound to this policy here.
SSL v2
Log
These are the log options for SSLv2 traffic that matches traffic bound to this policy:
•
no: Select this option to have the ZyWALL/USG create no log for SSLv2 traffic that
matches traffic bound to this policy.
•
log: Select this option to have the ZyWALL/USG create a log for SSLv2 traffic that
matches traffic bound to this policy.
•
log alert: An alert is an e-mailed log for more serious events that may need more
immediate attention. They also appear in red in the Monitor > Log screen. Select this
option to have the ZyWALL/USG send an alert for SSLv2 traffic that matches traffic
bound to this policy.
Action for
SSL Inspection supports these cipher suites:
Connection with
•
RC4
unsupported
•
DES
suit
•
3DES
•
AES
Select to pass or block unsupported traffic (such as other cipher suites, compressed
traffic, client authentication requests, and so on) that matches traffic bound to this policy
here.
Log
These are the log options for unsupported traffic that matches traffic bound to this policy:
•
no: Select this option to have the ZyWALL/USG create no log for unsupported traffic
that matches traffic bound to this policy.
•
log: Select this option to have the ZyWALL/USG create a log for unsupported traffic
that matches traffic bound to this policy
•
log alert: An alert is an e-mailed log for more serious events that may need more
immediate attention. They also appear in red in the Monitor > Log screen. Select this
option to have the ZyWALL/USG send an alert for unsupported traffic that matches
traffic bound to this policy.
Excepted
Use the icons to enable/disable and configure logs and actions for individual signatures that
Signatures
are different to the general settings configured for the severity level to which the signatures
belong. Signatures configured in Query View will appear in Group View.
Chapter 31 SSL Inspection
), or dashes (-), but the first character cannot be a number. This value is
_
ZyWALL/USG Series User's Guide
502
- Quick Links:
- Web Configurator
- Web Configurator Access
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
