ZyWALL 70 User’s Guide
268
Chapter 15 Certificates
Certification authorities maintain directory servers with databases of valid and revoked
certificates. A directory of certificates that have been revoked before the scheduled expiration
is called a CRL (Certificate Revocation List). The ZyWALL can check a peer’s certificate
against a directory server’s list of revoked certificates. The framework of servers, software,
procedures and policies that handles keys is called PKI (public-key infrastructure).
15.1.1 Advantages of Certificates
Certificates offer the following benefits.
• The ZyWALL only has to store the certificates of the certification authorities that you
decide to trust, no matter how many devices you need to authenticate.
• Key distribution is simple and very secure since you can freely distribute public keys and
you never need to transmit private keys.
15.2 Self-signed Certificates
Until public-key infrastructure becomes more mature, it may not be available in some areas.
You can have the ZyWALL act as a certification authority and sign its own certificates.
15.3 Configuration Summary
This section summarizes how to manage certificates on the ZyWALL.
Figure 121
Certificate Configuration Overview
Use the
My Certificate
screens to generate and export self-signed certificates or certification
requests and import the ZyWALL’s CA-signed certificates.
Use the
Trusted CA
screens to save CA certificates to the ZyWALL.
Use the
Trusted Remote Hosts
screens to import self-signed certificates.
Use the
Directory Servers
screen to configure a list of addresses of directory servers (that
contain lists of valid and revoked certificates).
Содержание ZyWALL 70
Страница 1: ...ZyWALL 70 Internet Security Appliance User s Guide Version 3 64 3 2005 ...
Страница 2: ......
Страница 38: ...ZyWALL 70 User s Guide 38 List of Figures ...
Страница 46: ...ZyWALL 70 User s Guide 46 List of Tables ...
Страница 74: ...ZyWALL 70 User s Guide 74 Chapter 2 Introducing the Web Configurator ...
Страница 92: ...ZyWALL 70 User s Guide 92 Chapter 3 Wizard Setup ...
Страница 102: ...ZyWALL 70 User s Guide 102 Chapter 4 LAN Screens ...
Страница 108: ...ZyWALL 70 User s Guide 108 Chapter 5 Bridge Screens ...
Страница 130: ...ZyWALL 70 User s Guide 130 Chapter 6 Wireless LAN ...
Страница 136: ...ZyWALL 70 User s Guide 136 Chapter 7 WAN Screens Figure 45 WAN General ...
Страница 155: ...ZyWALL 70 User s Guide Chapter 7 WAN Screens 155 Figure 55 Dial Backup Setup ...
Страница 188: ...ZyWALL 70 User s Guide 188 Chapter 10 Firewall Screens Figure 71 Creating Editing A Firewall Rule ...
Страница 193: ...ZyWALL 70 User s Guide Chapter 10 Firewall Screens 193 Figure 76 My Service Rule Configuration ...
Страница 234: ...ZyWALL 70 User s Guide 234 Chapter 13 Introduction to IPSec ...
Страница 246: ...ZyWALL 70 User s Guide 246 Chapter 14 VPN Screens Figure 112 VPN Rules IKE Gateway Policy Edit ...
Страница 252: ...ZyWALL 70 User s Guide 252 Chapter 14 VPN Screens Figure 113 VPN Rules IKE Network Policy Edit ...
Страница 275: ...ZyWALL 70 User s Guide Chapter 15 Certificates 275 Figure 125 My Certificate Details ...
Страница 294: ...ZyWALL 70 User s Guide 294 Chapter 16 Authentication Server Figure 136 Local User Database ...
Страница 314: ...ZyWALL 70 User s Guide 314 Chapter 17 Network Address Translation NAT ...
Страница 318: ...ZyWALL 70 User s Guide 318 Chapter 18 Static Route ...
Страница 324: ...ZyWALL 70 User s Guide 324 Chapter 19 Policy Route ...
Страница 340: ...ZyWALL 70 User s Guide 340 Chapter 20 Bandwidth Management ...
Страница 376: ...ZyWALL 70 User s Guide 376 Chapter 22 Remote Management ...
Страница 390: ...ZyWALL 70 User s Guide 390 Chapter 24 Logs Screens Figure 194 Log Settings ...
Страница 413: ...ZyWALL 70 User s Guide Chapter 25 Maintenance 413 Figure 216 Restart Screen ...
Страница 414: ...ZyWALL 70 User s Guide 414 Chapter 25 Maintenance ...
Страница 440: ...ZyWALL 70 User s Guide 440 Chapter 28 WAN and Dial Backup Setup ...
Страница 456: ...ZyWALL 70 User s Guide 456 Chapter 31 DMZ Setup ...
Страница 460: ...ZyWALL 70 User s Guide 460 Chapter 32 Route Setup ...
Страница 470: ...ZyWALL 70 User s Guide 470 Chapter 33 Remote Node Setup ...
Страница 522: ...ZyWALL 70 User s Guide 522 Chapter 39 System Information Diagnosis ...
Страница 538: ...ZyWALL 70 User s Guide 538 Chapter 40 Firmware and Configuration File Maintenance ...
Страница 550: ...ZyWALL 70 User s Guide 550 Chapter 42 Remote Management ...
Страница 558: ...ZyWALL 70 User s Guide 558 Chapter 43 IP Policy Routing ...
Страница 573: ...ZyWALL 70 User s Guide Chapter 45 Troubleshooting 573 Figure 360 Java Sun ...
Страница 574: ...ZyWALL 70 User s Guide 574 Chapter 45 Troubleshooting ...
Страница 582: ...ZyWALL 70 User s Guide 582 Appendix B Removing and Installing a Fuse ...
Страница 602: ...ZyWALL 70 User s Guide 602 Appendix D IP Subnetting ...
Страница 608: ...ZyWALL 70 User s Guide 608 Appendix F PPTP ...
Страница 626: ...ZyWALL 70 User s Guide 626 Appendix H Triangle Route ...
Страница 656: ...ZyWALL 70 User s Guide 656 Appendix K Importing Certificates ...
Страница 658: ...ZyWALL 70 User s Guide 658 Appendix L Command Interpreter ...
Страница 664: ...ZyWALL 70 User s Guide 664 Appendix M Firewall Commands ...
Страница 668: ...ZyWALL 70 User s Guide 668 Appendix N NetBIOS Filter Commands ...
Страница 674: ...ZyWALL 70 User s Guide 674 Appendix P Brute Force Password Guessing Protection ...
Страница 696: ...ZyWALL 70 User s Guide 696 Appendix R Log Descriptions ...