User ManualTable of ContentsIntel® NetStructure™ 7110/7115 e-Commerce Accelerator1Version 2.31Copyright2Trademarks2Table of Contents3List of Figures9Introduction11About this User Guide11New in This Release12Who Should Use this Book13Before You Begin13How to Use this Book14Installation and Initial Configuration17Before You Begin17Installing the 7110/7115 Free- Standing or in a Rack18Rack Installation18Free-Standing Installation19Network Connections19Status Check20Network and Server LEDs20Inline LED20Admin Terminal Connection20HyperTerminal§ Paste Operations21Troubleshooting22Server and Network LEDs22Continuing Configuration22Theory of Operation23Security23Single Server Acceleration23Multiple Servers24Working with Internet Traffic Management (ITM) Devices25Positioning 7110/7115 between ITM Device and Client Network25Positioning 7110/7115 between ITM Device and Server26Multiple 7110/7115s and Cascading Processing26Scalability and Cascading26Spilling and Throttling26Availability27Keys and Certificates27Cutting and Pasting with HyperTerminal§28Obtaining a Certificate from VeriSign§ or Other Certificate Authority29Procedure29Exporting a Key/Certificate from a Server32Apache Interface to Open SSL§ (mod_ssl)32Apache SSL§33Stronghold§34Importing into the 7110/711534Creating a new Key/Certificate on the 7110/711536Procedure36Global Site Certificates37Overview37Global Site Certificate Paste Procedure38Redirection: Clients and Unsupported Ciphers39Client Authentication40Creating a Client CA Certificate using OpenSSL§42SSL Processing43Mapping43Automapping43Automapping with user-specified key and certificate44Automapping with multiple port combinations44Deleting automapping entries44Manual mapping44Combining automapping and manual mapping45Blocking45Specific IP, Specific Port45Subnet IP, Specific Port46All IPs, Specific Port46Delete a Block47Failure Conditions, Fail-safe, and Fail-through48Scenarios49Syntax50Scenario 1—Single Server51Procedure for Scenario 151Automapping51Manual Configuration51Scenario 2—Multiple Servers53Procedure for Scenario 253Scenario 3—Multiple 7110/ 7115s, Cascaded55Assumptions55Procedure for Scenario 356Scenario 4—Different Ingress and Egress Routers58Procedure for Scenario 458Command Reference59Online Help59Command Line Interface60User Authentication60Command Line Prompt60Abbreviation to Uniqueness60Moving the Insertion Point62Command History62Cut and Paste63Command Summary64Command Reference69Help Commands69Status Command69SSL Commands70Port Mapping Commands80Operational Commands83Remote Management Commands85Alarms and Monitoring Commands92Configuration Commands96Administration Commands Logging Commands102Remote Management107Overview107Limitations108Remote Management CLI Commands108Remote Telnet Sessions110Local Serial Console110Remote Console, Telnet111Changing the Telnet Port111Disabling Telnet112Remote SSh Sessions112Local Serial Console112Remote Console, SSh113Changing the SSh Port113Disabling SSh114SNMP114Standards Compliance115Intel MIB Tree115Supported MIBs116Where to find MIB Files116Enterprise Private MIB Summary117Trap Summary122Standard SNMP Traps122Private Traps in ssl-appliance-mib.my122Enabling SNMP.123Specifying SNMP Information124Community String125Trap Community String126Access Control127Alarms and Monitoring129Overview129Alarm Types131ESC: Encryption Status Change Alarm131Alarm Modifiers and Messages:131RSC: Refused SSL Connections132Alarm Modifiers and Messages132Extended Data132RSC Alarm CLI Commands132UTL: Utilization Threshold Alarm133Alarm Modifiers and Messages133Extended Data134UTL Alarm CLI commands134OVL: Overload Alarm135Alarm Modifiers and Messages:135Extended Data:135OVL Alarm CLI Commands:135NLS: Network Link Status Alarm136Alarm modifiers and messages:136Extended Data:136Alarm Logging136Monitoring141Monitoring Reports141Report Configuration141Monitoring Reports CLI Commands142Software Updates145Using Windows§ HyperTerminal§146Using Unix§ ‘cu’ and uuencoded image file147Troubleshooting151Front Panel155Buttons and Switches156Front Panel LEDs156Connectors158Failure/Bypass Modes159Bypass Button160Fail-through Switch (Security Level)160Supported Ciphers163Cipher Strength163SSL Version Level164Regulatory Information167Taiwan Class A EMI Statement167VCCI Statement168FCC Part 15 Compliance Statement168Canada Compliance Statement (Industry Canada)169CE Compliance Statement169CISPR 22 Statement170VCCI Class A (Japan)170Australia170WARNING170AVERTISSEMENT171WARNUNG172AVVERTENZA172ADVERTENCIAS173Wichtige Sicherheitshinweise174Terms and Conditions and Software License177Glossary185Support Services189Worldwide Access to Technical Support189North America only189Japan only189Other areas189Size: 1.27 MBPages: 196Language: EnglishOpen manual