About the SSL Initiation Profile Page
To access this page, select Shared Services > Objects > SSL Initiation Profile.
SSL initiation is a process where the SRX Series Firewall acts as an SSL proxy client, initiates the SSL sessions with an SSL server. The SRX Series Firewall receives cleartext from an HTTP client. It encrypts and transmits the data as ciphertext to the SSL server. On the reverse side, the SRX Series decrypts the ciphertext that it receives from the SSL server and sends the data to the client as cleartext.
The profile contains the settings for the SSL-initiated connections. The settings include the list of supported ciphers and their priority, the supported versions of SSL/TLS, and a few other options.
Benefits of SSL Proxy
-
Decrypts SSL traffic to obtain granular application information and enable you to apply advanced security services protection and detect threats.
-
Enforces the use of strong protocols and ciphers by the client and the server.
-
Provides visibility and protection against threats embedded in SSL encrypted traffic.
-
Controls what needs to be decrypted by using Selective SSL Proxy.
Tasks You Can Perform
-
Create an SSL initiation profile—See Create an SSL Initiation Profile.
-
Edit or delete an SSL initiation profile—See Edit and Delete an SSL Initiation Profile.
-
Filter rules—Click the filter icon (funnel), and specify one or more filtering criteria. The filtered results are displayed on the same page.
Filter information based on select criteria. You can add filters, save the filters, and set any of the filters as default.
To add a filter:
Click the filter icon on the top-right corner of the page, and select Add Filter to open the Add Criteria page.
Set the filter conditions, and click Add.
The filter is saved and applied on the data.
To remove the filter, click the filter icon, and select Hide Filter.
-
Search for SSL initiation profiles by using keywords. To search:
Click the search icon in the top-right corner of the page.
Enter partial text or full text of the keyword in the text box and press Enter.
The search results are displayed on the same page.
Field Descriptions
Table 1 describes the field on the SSL Initiation Profile page.
Field |
Description |
---|---|
Name |
Displays the SSL initiation profile name. |
Flow Tracing |
Displays whether flow tracing is enabled or disabled for troubleshooting policy related issues. |
Protocol version |
Displays the accepted protocol SSL version. |
Cipher Strength |
Displays the preferred cipher which the SSH server uses to perform encryption and decryption function. |
SSL Session Cache |
Displays whether SSL session cache is enabled or not. |
Local Certificate |
Displays the local certificate for SSL. |
CA Certificate |
Displays the certificate authority profile for SSL. |