(Supporting ADX v03.1.00) Owner's manual
Table Of Contents
- Contents
- Preface
- Introduction to the Brocade Virtual ADX Web Interface
- Navigating the Web Interface
- Navigating the Dashboard
- Configuration Overview
- System Settings
- Network Settings
- Traffic Settings
- GSLB Settings
- Security Settings
- Monitoring Overview
- Viewing System Information
- Viewing Network Status
- Viewing Traffic Statistics
- Viewing Security Statistics
- Maintenance Overview
- Managing Software Images
- Restarting the System
- License Management
- Packet Capture
- Accessing the CLI
- Retrieving System Information for Technical Support
- Troubleshooting
- Config Template XML Schema
- Managing Config Templates through the CLI
Brocade Virtual ADX Graphical User Interface Guide 135
53-1003242-01
Chapter
9
Security Settings
In this chapter
•SSL overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
•SSL private keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
•SSL certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
•SSL profile bindings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
•SSL certificate revocation lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
•Access Control Lists. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
•SYN-Proxy settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
•SYN-Proxy server tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
•RADIUS controls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
•RADIUS servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
•TACACS controls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
SSL overview
The Secure Sockets Layer (SSL) protocol provides security and privacy between client and server
over the Internet. SSL supports server and client certificate verification, and negotiates encryption
keys and authenticates the server before data is exchanged by the high-level applications.
The SSL “handshake” is a key concept in the SSL protocol. The handshake involves server
authentication and an optional client certificate verification. In server authentication, the server
sends its certificate and the cipher preferences to a client that has made a request. The client then
generates a master key, encrypts it with the public key of the server, and returns the encrypted
master key to the server.
The software included with the Brocade Virtual ADX allows you to create and upload private keys,
upload existing certificates, generate certificate signing requests and self-signed certificates, and
also create both SSL profiles and certificate revocation lists.
SSL private keys
A key pair file specifies the location for retrieving SSL asymmetric key pair during an SSL
handshake. You can generate key pair file locally on a device or import a pre-existing key pair.
Use the SSL Keys page to:
• View the summary of configured SSL keys, including key name, format, and key length.
• Click Upload to upload an existing SSL key to the device. See “Generating private keys”.