Table of Contents
Advertisement
Figure 34-50. Configuration > Ranger Gateway page Restrictions tab
A "messaging connection" is an SSL connection used to allow secure communication between a
ZoneRanger and a Ranger Gateway, or between redundant ZoneRangers. The Restricted
Addresses section is used to prevent the ZoneRanger from initiating messaging connections to
specified addresses or address ranges. Restricted address may be specified as address patterns.
The ZoneRanger will accept incoming messaging connections regardless of any configured
restrictions. For example, if the address corresponding to a Ranger Gateway is restricted, the
Ranger Gateway will be allowed to initiate a messaging connection to the ZoneRanger, but the
ZoneRanger will not be allowed to initiate a connection to the Ranger Gateway.
The typical application of restricted addresses is the case where a ZoneRanger is located in a
DMZ, the Ranger Gateway is located on the other side of a firewall, and security policy dictates
that all connections through the firewall be initiated from outside the DMZ.
Configuring SSL Trust between ZoneRanger and Ranger Gateway
All communication between Ranger Gateways and ZoneRangers is protected using SSL, in an
effort to authenticate the communicating entities, and to ensure that the information being
communicated remains confidential. The Configuration > Ranger Gateways page SSL Trust
tab establishes the credentials needed for a Ranger Gateway to communicate with the
ZoneRanger.
ZoneRanger 5.5 User's Guide
163
Hide quick links:
Advertisement
Table of Contents
