Cryptographic Scheme
DES-CBC-SHA
EXP-ARC2-MD5
EXP-ARC4-MD5
EXP-ARC4-SHA
EXP-DES-CBC-SHA
EXP1024-ARC2-CBC-MD5
EXP1024-ARC4-MD5
EXP1024-ARC4-SHA
EXP1024-DES-CBC-SHA
NULL-MD5
NULL-SHA
*ARC4 is compatible with RC4™ RSA Data Security; **ARC2 is compatible with RC2™ RSA Data Security.
Additionally you can create your own specialized security policies, assigning the
cryptographic schemes you wish to use singly or in combination.
Methods to Manage the SonicWALL SSL Appliance
You can configure the SonicWALL SSL appliance using one of four methods, three of which
use the command-line interface configuration manager.
•
Serial connection, configuration manager
— An IP address need not have been assigned to the appliance for management
— Can set the appliance to single-port mode during a management session
— Can manage only to the appliance physically connected to the serial cable
— FailSafe password can be used to return the appliance to factory defaults
•
Telnet connection, configuration manager
— An IP address must have been assigned to the appliance
— Cannot set the appliance to single-port mode during a management session
— Can manage only one appliance
•
Remote network connection, configuration manager application
— An IP address need not have been assigned to the appliance for management
— Cannot set the appliance to single-port mode during a management session
— Can attach to multiple appliances
•
Remote network connection, GUI
Message
Encryption
Authentication
DES (56)
SHA1
ARC2** (40)
MD5
ARC4* (40)
MD5
ARC4* (40)
SHA1
DES (40)
SHA1
ARC2** (40)
MD5
ARC4* (40)
MD5
ARC4* (40)
SHA1
DES (40)
SHA1
None
MD5
None
SHA1
Chapter 3 SSL Introduction
Security
Key
Policy
Exchange
Assignments
RSA (1024)
strong, all
RSA (512)
weak, all
RSA (512)
weak, default, all
RSA (512)
weak, default, all
RSA (512)
weak, all
RSA (1024)
weak, default, all
RSA (1024)
weak, default, all
RSA (1024)
weak, default, all
RSA (1024)
weak, all
None
weak, default, all
None
weak, default, all
Page 33