Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 Manual page 280

Configuring Secure Access Devices Guide
262
Table 76: Configuring Global Security Details (continued)
Option Function
Allowed SSL Specifies encryption requirements for
and TLS Secure Access device users.
Version
strength Specifies the encryption strength.
AES/3DES High Allows the Secure Access device to
(168-bit and provide preference to 256-bit AES
greater) over 3DES.
NOTE: This option is displayed only
when you select Custom SSL Cipher
Selection from the strength
drop–down list.
Your Action
Select any one of the following
options from the drop-down list:
Accept only TLS V1 (maximize
security with reduced
compatibility)—For maximize
security with reduced compatibility.
Accept only SSL V3 and TLS V1
(maximize security)—For maximize
security.
Accept SSL V2 and V3 and TLS V1
(maximize browser
compatibility)—For users who have
older browsers that use SSL version
2 to update their browsers or
change the Secure Access device
setting to allow SSL version 2, SSL
version 3, and TLS.
NOTE: The Secure Access device
requires SSL version 3 and TLS by
default.
Select one of the following options
from the drop-down list.
Accept only 168-bit and greater
(maximize security)—Secure
Access device gives preference to
256-bit AES over 3DES
Accept only 128-bit and greater
(security and browser
compatibility)—Secure Access
device gives preference to RC4
ciphers.
Accept 40-bit and greater
(maximize browser
compatibility)—Secure Access
device gives preference to RC4
ciphers.
Custom SSL Cipher
Selection—Specifies a combination
of cipher suites for the incoming
connection from the user's browser.
Select the AES/3DES High (168-bit
and greater) check box to enable this
feature.
Copyright © 2010, Juniper Networks, Inc.