ON THIS PAGE
SSL Initiation Profiles Overview
SSL initiation is a process where the SRX Series Firewall acts as an SSL proxy client, initiates the SSL sessions with an SSL server. The SRX Series Firewall receives cleartext from an HTTP client. It encrypts and transmits the data as ciphertext to the SSL server. On the reverse side, the SRX Series decrypts the ciphertext that it receives from the SSL server and sends the data to the client as cleartext.
The profile contains the settings for the SSL-initiated connections. The settings include the list of supported ciphers and their priority, the supported versions of SSL/TLS, and a few other options.
To access this page, select Shared Services > Objects > SSL Initiation Profile.
Benefits
-
Decrypts SSL traffic to obtain granular application information and enable you to apply advanced security services protection and detect threats.
-
Enforces the use of strong protocols and ciphers by the client and the server.
-
Provides visibility and protection against threats embedded in SSL encrypted traffic.
-
Controls what needs to be decrypted by using Selective SSL Proxy.
Field Descriptions
|
Field |
Description |
|---|---|
|
Name |
Displays the SSL initiation profile name. |
|
Flow Tracing |
Displays whether flow tracing is enabled or disabled for troubleshooting policy related issues. |
|
Protocol version |
Displays the accepted protocol SSL version. |
|
Cipher Strength |
Displays the preferred cipher which the SSH server uses to perform encryption and decryption function. |
|
SSL Session Cache |
Displays whether SSL session cache is enabled or not. |
|
Local Certificate |
Displays the local certificate for SSL. |
|
CA Certificate |
Displays the certificate authority profile for SSL. |