Displaying and maintaining SSH ······························································································································· 217
SFTP configuration ······················································································································································ 231
SFTP overview······························································································································································· 231
Configuration prerequisites ································································································································ 231
Enabling the SFTP server ···································································································································· 231
Working with SFTP directories ··························································································································· 233
Working with SFTP files ······································································································································ 233
Displaying help information ······························································································································· 234
SSL configuration ························································································································································ 241
SSL overview ································································································································································· 241
SSL security mechanism ······································································································································ 241
SSL protocol stack ··············································································································································· 242
SSL configuration task list ············································································································································ 242
Configuring an SSL server policy ······························································································································· 242
Configuration prerequisites ································································································································ 242
Configuration procedure ···································································································································· 243
Configuring an SSL client policy ································································································································ 245
Configuration prerequisites ································································································································ 245
Configuration procedure ···································································································································· 245
Displaying and maintaining SSL ································································································································ 246
Troubleshooting SSL ····················································································································································· 246
SSL handshake failure ········································································································································· 246
TCP attack protection overview ·································································································································· 248
Enabling the SYN cookie feature ······························································································································· 248
IP source guard configuration ··································································································································· 249
IP source guard overview ············································································································································ 249
Introduction to IP source guard ·························································································································· 249
IP source guard binding ····································································································································· 249
viii