Netgear UTM9S – ProSECURE Unified Threat Management (UTM) Appliance with DSL and Wireless modules Manual De Referência
Content Filtering and Optimizing Scans
213
ProSecure Unified Threat Management (UTM) Appliance
3.
Click Apply to save your settings.
Note:
For information about certificates that are used for SSL connections
and HTTPS traffic, see
Manage Digital Certificates for HTTPS Scans
Note:
For information about digital certificates for VPN connections, see
Before enabling HTTPS scanning, you can specify which digital certificate is used by the
UTM to handle HTTPS requests. The UTM uses digital certificates to authenticate connecting
HTTPS servers, and to allow HTTPS clients to be authenticated by remote entities. A digital
certificate that authenticates a server, for example, is a file that contains the following
elements:
UTM to handle HTTPS requests. The UTM uses digital certificates to authenticate connecting
HTTPS servers, and to allow HTTPS clients to be authenticated by remote entities. A digital
certificate that authenticates a server, for example, is a file that contains the following
elements:
•
A public encryption key to be used by clients for encrypting messages to the server.
•
Information identifying the operator of the server.
•
A digital signature confirming the identity of the operator of the server. Ideally, the
signature is from a trusted third party whose identity can be verified.
When a security alert is generated (see the following figure), the user can decide whether or
not to trust the host.
not to trust the host.
HTTPS SSL Settings
Select the Allow the UTM to handle HTTPS connections using SSLv2 check box to allow HTTPS
connections using SSLv2, SSLv3, or TLSv1. If this check box is cleared, the UTM allows HTTPS
connections using SSLv3 or TLSv1, but not using SSLv2.
connections using SSLv2, SSLv3, or TLSv1. If this check box is cleared, the UTM allows HTTPS
connections using SSLv3 or TLSv1, but not using SSLv2.
Show This Message When an SSL Connection Attempt Fails
By default, a rejected SSL connection is replaced with the following text, which you can customize:
The SSL connection to %URL% cannot be established because of %REASON%.
Note:
Make sure that you keep the %URL% and %REASON% metawords in a message to enable the
UTM to insert the correct URL information and the reason for the rejection.
Table 47. HTTPS Settings screen settings (continued)
Setting
Description