McAfee® Network Security Platform 5.1
In the
out-of-order
Figure 113: TCP Flow Violation Setting for L3 ACLs
Limitations
•
•
•
Enabling Secure Socket Layer (SSL) Decryption
The
Layer (SSL) decryption on IPS Sensors of the
manage the SSL keys the Sensors use for decryption.
For a description of SSL functionality in Network Security Platform, see
The available actions in this group are:
•
•
•
TCP Parameters Configuration
.
L3 ACLs can be used only with
Syn-cookie should not used when L3 ACLs are applied.
ACL logging is not supported for L3 ACL rules.
IPS Settings > SSL Decryption
tab contains the actions required to enable Secure Socket
Enabling the SSL decryption functionality (on page 105): Enable SSL decryption and
configure Sensor SSL parameters for the IPS Sensors under
Managing the imported SSL keys of the Sensors (on page 107): Manage the SSL
keys that have been imported to Manager for on one or more IPS Sensors.
Importing SSL keys to the Sensors (on page 106): Import SSL keys to Manager for
download to IPS Sensors.
TCP Flow Violation
page, from the
TCP flow violation
set to
IPS Settings
104
Managing IPS settings
Permit
drop-down, select
Permit out-of order
.
node, as well as to import and
Getting Started Guide
IPS Settings
node.
.