Copyright © 2010, Juniper Networks, Inc.
Table 76: Configuring Global Security Details (continued)
Option
Function
AES Medium
Allows the Secure Access device to
(between
use 168-bit or higher ciphers for
128-bit and
backend rewriter connections and the
168-bit)
device to provide preference to
256-bit AES encryption for backend
mail proxy SSL connections.
NOTE: This option is displayed only
when you select Custom SSL Cipher
Selection from the strength
drop–down list.
RC4 Medium
Allows Secure Access device to use
(between
168-bit or higher ciphers for backend
128-bit and
rewriter connections and the device
168-bit)
provides preference to 256-bit AES
encryption for backend mail proxy SSL
connections.
NOTE: This option is displayed only
when you select Custom SSL Cipher
Selection from the strength
drop–down list.
RC2 Medium
Allows Secure Access device to use
(between
168-bit or higher ciphers for backend
128-bit and
rewriter connections and device gives
168-bit)
preference to 256-bit AES encryption
for backend mail proxy SSL
connections.
NOTE: This option is displayed only
when you select Custom SSL Cipher
Selection from the strength
drop–down list.
DES Low (less
Allows Secure Access device to use
than 128-bit)
168-bit or higher ciphers for backend
rewriter connections and the device
provides preference to 256-bit AES
encryption for backend mail proxy SSL
connections.
NOTE: This option is displayed only
when you select Custom SSL Cipher
Selection from the strength drop–
down list.
Do not allow
Prevents a browser with a weak cipher
connections
from establishing a connection.
from browsers
that only
accept weaker
ciphers
Settings
Chapter 17: Configuring Secure Access System Management Features
Your Action
Select the AES Medium (between
128-bit and 168-bit) check box to
enable this feature.
Select the RC4 Medium (between
128-bit and 168-bit) check box to
enable this feature.
Select the RC2 Medium (between
128-bit and 168-bit) check box to
enable this feature.
Select the DES Low (less than
128-bit) check box to enable this
feature.
Select the Do not allow connections
from browsers that only accept
weaker ciphers check box to enable
this feature.
263