Upload
leah-joyner
View
37
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Vital Security Appliance SSL Scanning Server. Benefits of a Finjan SSL Scanner. 100% Compatible with Vital Security Preconfigured for optimum security Preconfigured for performance Easy Deployment. How it works… (1/2). Workstation has SSL Appliance as Proxy Server for HTTPS. - PowerPoint PPT Presentation
Citation preview
Benefits of a Finjan SSL Scanner
• 100% Compatible with Vital Security
• Preconfigured for optimum security
• Preconfigured for performance
• Easy Deployment
How it works… (1/2)
• Workstation has SSL Appliance as Proxy Server for HTTPS.
• Workstation receives a certificate that matches the requested URL. This certificate is generated by SSL appliance.
• SSL appliance requests the information from the Internet using a NEW HTTPS connection.
• SSL appliance checks the Server certificate for:– Revocation
– Expiration
– URL
– Trusted chain
How it works… (2/2)
• SSL appliance uses the Scanning Server for scanning.
• NG Scanning Server returns SSL traffic to the SSL appliance.
• Scanning Server replies with one of the answers below:– Error message
– Modified headers and/or modified body
– No adaptation needed
• SSL appliance sends the original or the modified content to the workstation.
Default IP addresses (NG1400 & NG5400)
• Connect a PC to the NG1400 or NG5400 right port (if necessary use cross cable)
https://10.0.0.100:8380/VSSSLAdmin/LicenseAgr.html
(username: admin password: admin)
• This will start a wizard for configuring the SSL Scanning Server
Configure NG scanner (SSL appliance)
The proxy IP address can also be a VIP of a Loadbalancer
SSL & NG appliance keep state information in the traffic flow
NG Scanner:IP Address & Port
(default 8080)
SSL Returned Communication (NG appliance)
The SSL Returned IP address can also be a VIP of a Loadbalancer
SSL & NG appliance keep state information in the traffic flow
SSL Appliance:IP Address & Port
(default 8081)