SonicWALL 5.8.1 Manuale Utente

Detect Weak Ciphers (<64 bits) – Controls the detection of SSL sessions negotiated with 
symmetric ciphers less than 64 bits, commonly indicating export cipher usage.

Detect MD5 Digest – Controls the detection of certificates that were created using an MD5 
Hash.

Configure Blacklist and Whitelist – Allows the administrator to define strings for matching 
common names in SSL certificates. Entries are case-insensitive, and will be used in 
pattern-matching fashion, for example:

To configure the Whitelist and Blacklist, click the Configure button to bring up the following 
window.

sonicwall.com

https://www.sonicwall.com, 
https://
csm.demo.sonicwall.com, 
https://mysonicwall.com, 
https://
supersonicwall.computers.or
g, https://67.115.118.87 

a

https://www.sonicwall.de

prox

https://proxify.org, https://
www.proxify.org, https://
megaproxy.com, https://
1070652204 

b

https://www.freeproxy.ru 

c

a.67.115.118.67 is currently the IP address to which sslvpn.demo.sonicwall.com resolves, and that site uses a certificate issued to 

sslvpn.demo.sonicwall.com. This will result in a match to “sonicwall.com” since matching occurs based on the common name 
in the certificate.

b.This is the decimal notation for the IP address 63.208.219.44, whose certificate is issued to www.megaproxy.com.

c.www.freeproxy.ru will not match “prox” since the common name on the certificate that is currently presented by this site is a 

self-signed certificate issued to “-“. This can, however, easily be blocked by enabling control of self-signed or Untrusted CA 
certificates.