Chapter 1 Overview
Product Overview
1-2
Cisco 11000 Series Secure Content Accelerator Configuration Guide
78-13124-06
Product Overview
The Secure Content Accelerator is a Secure Sockets Layer (SSL) offloading solution.
You can secure a server for testing purposes immediately using a pre-loaded default
key and certificate rather than wait up to a week for your key and certificate to arrive.
Simply load your own certificate and key when they are available.
The Cisco 11000 Series Secure Content Accelerator is compatible with all Cisco
content switches—the Cisco LocalDirector, the Catalyst Content Switching Module,
and the Cisco CSS 11000 Series Content Services Switches.
The Secure Content Accelerator provides:
•
Secure URL rewrite, preventing URL redirects and references from breaking
or circumventing SSL sessions.
•
FIPS-compliant operation (SCA2 only)
•
Firmware signatures are verified during startup and when a firmware image is
uploaded to or loaded on the device.
•
Auto logout for increased configuration security
•
Management via command line and Web-based graphical user interfaces
•
Hardware server keepalive support
•
Arbitrary HTTP headers
•
TCP tuning facility
•
Syslog facility support
•
Authentication logging
•
SSL version control
•
RIP client version 1 and 2 support
•
Multiple SNTP server support
•
SNMP MIB-II support (read-only)
•
Transparent/non-transparent SSL proxy toggling
•
Non-SSL traffic blocking when operating in default in-line (dual-port) mode
•
Arbitrary certificate size
•
Netscape International Step-Up Certificate and Microsoft Server Gated
Cryptography support