Vital Security Appliance SSL Scanning Server

Benefits of a Finjan SSL Scanner

• 100% Compatible with Vital Security

• Preconfigured for optimum security

• Preconfigured for performance

• Easy Deployment

How it works… (1/2)

• Workstation has SSL Appliance as Proxy Server for HTTPS.

• Workstation receives a certificate that matches the requested URL. This certificate is generated by SSL appliance.

• SSL appliance requests the information from the Internet using a NEW HTTPS connection.

• SSL appliance checks the Server certificate for:– Revocation

– Expiration

– URL

– Trusted chain

How it works… (2/2)

• SSL appliance uses the Scanning Server for scanning.

• NG Scanning Server returns SSL traffic to the SSL appliance.

• Scanning Server replies with one of the answers below:– Error message

– Modified headers and/or modified body

– No adaptation needed

• SSL appliance sends the original or the modified content to the workstation.

Default IP addresses (NG1400 & NG5400)

• Connect a PC to the NG1400 or NG5400 right port (if necessary use cross cable)

https://10.0.0.100:8380/VSSSLAdmin/LicenseAgr.html

(username: admin password: admin)

• This will start a wizard for configuring the SSL Scanning Server

Installation

• Configure TCP/IP related settings

Certificate Policy

URL Policy

Select Proxy Mode (SSL appliance)

Select Proxy

Configure NG scanner (SSL appliance)

The proxy IP address can also be a VIP of a Loadbalancer

SSL & NG appliance keep state information in the traffic flow

NG Scanner:IP Address & Port

(default 8080)

SSL Returned Communication (NG appliance)

The SSL Returned IP address can also be a VIP of a Loadbalancer

SSL & NG appliance keep state information in the traffic flow

SSL Appliance:IP Address & Port

(default 8081)

Thank You