manualshive.com logo in svg

finjan NG-5000, Руководство пользователя

"Finjan NG-5000" - мощный сетевой устройство, обеспечивающий безопасное соединение с Интернетом. Для полного понимания функций и настроек, скачайте бесплатное Руководство пользователя на manualshive.com. Это must-have руководство поможет вам максимально эффективно использовать ваше устройство.

Поделиться
Скачать
background image

 

Integrated SSL Scanning 

 

Page 3 

Finjan proprietary and confidential 

 

Figure 1: Certificate Validation Profile 

The table below describes each option in the HTTPS certificate validation 
profile: 

2.2.1

 

Certificate Revoked (CRLs) 

Field 

Description 

Unable to get certificate CRL 

The CRL of a certificate could 
not be found. 

Unable to decrypt CRL's signature  

This means that the actual 
signature value could not be 
determined rather than it not 
matching the expected value. 

CRL signature failure 

The signature of the certificate 
is invalid. 

Certificate is not yet valid  

The notBefore date is after the 
current time. 

Certificate has expired 

The notAfter date is before the 
current time. 

Format error in CRL's lastUpdate field  

The CRL lastUpdate field 
contains an invalid time. 

Format error in CRL's nextUpdate field 

The CRL nextUpdate field 
contains an invalid time. 

Certificate revoked 

The certificate has been 
revoked. 

Содержание NG-5000

Страница 1: ...Software Version 9 0 Integrated SSL Scanning...

Страница 2: ...of Vulnerability are trademarks or registered trademarks of Finjan Sophos is a registered trademark of Sophos plc McAfee is a registered trademark of McAfee Inc Kaspersky is a registered trademark of...

Страница 3: ...ts 1 Introduction 1 2 HTTPS Scanning 1 2 1 On the Fly Certificate Generation 1 2 2 Certificate Validation 2 2 3 SSL Certificate Errors 6 3 HTTPS Policies 11 4 Configuring HTTPS Support 11 4 1 HTTPS Co...

Страница 4: ...injan also provides certificate validation functionality This ensures that corporate policies regarding certificates are enforced by automatically validating each certificate and ensuring that the cha...

Страница 5: ...ital certificate lists are updated via Finjan security updates These lists include the required trusted certificate authorities as well as the Certificate Revocation Lists CRLs Certificate validation...

Страница 6: ...means that the actual signature value could not be determined rather than it not matching the expected value CRL signature failure The signature of the certificate is invalid Certificate is not yet v...

Страница 7: ...Structure Field Description Certificate signature cannot be decrypted The certificate signature could not be decrypted meaningful for RSA keys Cannot decode issuer public key The public key in the cer...

Страница 8: ...rusted for the specified purpose Certificate rejected The root CA is marked to reject the specified purpose Subject issuer mismatch The current candidate issuer certificate was rejected because its su...

Страница 9: ...e is before the current time 2 3 SSL Certificate Errors When the end user opens the HTTPS session the Scanning Server has to encrypt and decrypt the data between the end user and the Scanning Server T...

Страница 10: ...ervers issued by the organization s CA root certificate which is already trusted by all users NOTE Using a certificate from a trusted CA such as VeriSign will not prevent the certificate validation ch...

Страница 11: ...KiCKy JqpuLU0MuXsOOQ END CERTIFICATE 2 Install the certificate on the browser To install the certificate on Internet Explorer a In the control panel click Internet Options b Click the Content tab and...

Страница 12: ...Copy this into a separate text file to send to a certificate authority 6 Once you have a certificate back send it to your end users to install on their browsers 7 In the Limited Shell enter the comma...

Страница 13: ...dy configured to trust the organizations root CA and there is no need to configure anything for the users To install the root certificate on the Scanning Server 1 Connect to the Management Console via...

Страница 14: ...In addition to the above two policies the user can configure additional policies and rules The security policies apply only to the way that the scanning server handles the certificate validation bypas...

Страница 15: ...is disabled by default This protocol is non secure and should not be used unless there are compatibility problems Allow SSLv3 Enables support for SSLv3 protocol This option is enabled by default Allow...

Страница 16: ...is timed out if not responsive Max HTTPS Transactions Backlog Defines the maximum number of outstanding connection requests to be served by the system After this number is reached the system is timed...

Страница 17: ...to configure proxy settings for the users This can be done by using one of the following methods Layer 4 Switch By using a third party layer 4 switch it is possible to redirect all traffic destined to...

Страница 18: ...still mandatory to install the SSL certificate of the Scanning Server on the end user s PC in order to prevent the security warnings When the end user browses an HTTPS site the Scanning Server generat...

Отзывы:

Нет отзывов

Похожие инструкции для NG-5000

Jøtul JGFW-5 Manual preview
JGFW-5
Бренд: Jøtul Страницы: 12
Authonet Firewall F-10 Product Overview & Operation Manual preview
Firewall F-10
Бренд: Authonet Страницы: 51
ZyXEL Communications ZYWALL OTPV2 - Support Notes preview
ZYWALL OTPV2 -
Бренд: ZyXEL Communications Страницы: 64
ZyXEL Communications ZyWALL SSL 10 Support Notes preview
ZyWALL SSL 10
Бренд: ZyXEL Communications Страницы: 102
H3C SecPath F5000 Series Compliance And Safety Manual preview
SecPath F5000 Series
Бренд: H3C Страницы: 51
Watchguard XCS 1180 Quick Start Manual preview
XCS 1180
Бренд: Watchguard Страницы: 23
vpneveryone HTTPS VPN Secure WiFi USB Dongle User Manual preview
HTTPS VPN Secure WiFi USB Dongle
Бренд: vpneveryone Страницы: 13

Бренды по названию

Популярные бренды

Загрузить еще бренды