Ssl Introduction; Introduction To Ssl; Port Blocking Mechanism - SonicWALL SSL-R User Manual

Secure sockets layer offloading solutions that allow servers to provide both secure and non-secure services at the same high speeds

Chapter 3 SSL Introduction

This chapter presents a short introduction to basic SSL components and a description of
how the components are used in configuring the SonicWALL SSL appliance. Instructions for
using OpenSSL to generate keys and certificates are also included in this chapter.

Introduction to SSL

Secure Sockets Layer (SSL) is an application-level protocol that enables secure transactions
of data through privacy, authentication, and data integrity. It relies upon certificates, public
keys, and private keys.

Certificates are similar to digital ID cards. They prove the identity of the server to clients.
Certificates are issued by Certificate Authorities (CAs) such as VeriSign® or Thawte. Each
certificate includes the name of the authority that issued it, the name of the entity to which
the certificate was issued, the entity's public key, and time stamps that indicate the
certificate's expiration date.

Public and private keys are used to encrypt and decrypt information. While the
public key is shared quite freely, the private key is never given out. Each public-private key
pair works together: data encrypted with the public key can only be decrypted with the
private key.

You can configure SonicWALL SSL appliances using either the GUI or command line
interface-based QuickStart wizard or configuration manager. The latter options are
available remotely or through serial or telnet connections.
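
The certificate fields and key-pair behaviour described in this section can be observed with OpenSSL. The script below is an added example, not taken from the SonicWALL manual; the host name www.example.test and all file names are constructed, and because the test certificate is self-signed its issuer and subject are the same.

```shell
#!/bin/sh
# Added example (not from the manual). Constructed names: www.example.test,
# key.pem, cert.pem, pub.pem, other.pem.

# Create an RSA key pair and a self-signed test certificate in directory $1.
make_cert() {
    (
        umask 077   # keep the private key unreadable to other users
        openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
            -subj "/CN=www.example.test" \
            -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
    )
}

# Print the fields the text lists: issuer, subject and validity time stamps.
cert_fields() {
    openssl x509 -in "$1/cert.pem" -noout -issuer -subject -dates
}

# Encrypt $2 with the public key from the certificate, then decrypt it with
# private key $3 (default: the matching key). Prints the recovered text.
roundtrip() {
    openssl x509 -in "$1/cert.pem" -noout -pubkey > "$1/pub.pem"
    printf '%s' "$2" | openssl pkeyutl -encrypt -pubin -inkey "$1/pub.pem" \
        -pkeyopt rsa_padding_mode:oaep -out "$1/msg.enc"
    openssl pkeyutl -decrypt -inkey "${3:-$1/key.pem}" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/msg.enc" 2>/dev/null
}

demo() {
    dir=$(mktemp -d) || return 1
    make_cert "$dir" || return 1
    cert_fields "$dir"
    roundtrip "$dir" "constructed sample message"; echo
    # A private key that does not match the certificate cannot decrypt.
    openssl genrsa -out "$dir/other.pem" 2048 2>/dev/null
    roundtrip "$dir" "constructed sample message" "$dir/other.pem" \
        || echo "non-matching private key: decryption failed"
    rm -rf "$dir"
}

demo
```

The key is written unencrypted (`-nodes`) only so the example runs without prompts; the `umask 077` line is what keeps it private on disk.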

Port Blocking Mechanism

During configuration you must specify the SSL and clear text (decrypted) TCP service ports.
SonicWALL SSL appliances monitor the SSL TCP service port(s) you specify, perform SSL
decoding of packets on those ports, then send the packets to the server via a user-defined
TCP clear text service port. All other network traffic is passed through the appliance
transparently.

The clear text TCP service port used for data transfer between the SSL appliance and the
web server cannot be used for any other data. The SSL appliance blocks access to the clear
text port, protecting your secure data from direct clear text access.

One result of this port blocking strategy is that you cannot use the same plain text TCP
service port between the SSL appliance and the server for both non-secure (http:) and

This manual is also suitable for:

Ssl-ia