Manuals / Cisco Systems / Household Appliance / Home Safety Product

Cisco Systems VPN 3002 SSL Version, Generated Certificate Key Size, 8-12, Apply/Cancel, Reminder

Models: VPN 3002

1 282
Download 282 pages 2.25 Kb
Page 90
Image 90
SSL Version

Chapter 8 Management Protocols

Configuration System Management Protocols SSL

SSL Version

Click the drop-down menu button and select the SSL version to use. SSL Version 3 has more security options than Version 2, and TLS (Transport Layer Security) Version 1 has more security options than SSL Version 3. Some clients that send an SSL Version 2 “Hello” (initial negotiation), can actually use a more secure version during the session. Telnet/SSL clients usually can use only SSL Version 2.

Choices are:

Negotiate SSL V2/V3 = The server tries to use SSL Version 3 but accepts Version 2 if the client can not use Version 3. This is the default selection. This selection works with most browsers and Telnet/SSL clients.

SSL V3 with SSL V2 Hello = The server insists on SSL Version 3 but accepts an initial Version 2 “Hello.”

SSL V3 Only = The server insists on SSL Version 3 only.

SSL V2 Only = The server insists on SSL Version 2 only. This selection works with most Telnet/SSL clients.

TLS V1 Only = The server insists on TLS Version 1 only. At present, only Microsoft Internet Explorer 5.0 supports this option.

TLS V1 with SSL V2 Hello = The server insists on TLS Version 1 but accepts an initial SSL Version 2 “Hello.” At present, only Microsoft Internet Explorer 5.0 supports this option.

Generated Certificate Key Size

Click the drop-down menu button and select the size of the RSA key that the VPN 3002 uses in its self-signed (generated) SSL server certificate. A larger key size increases security, but it also increases the processing necessary in all transactions over SSL. The increases vary depending on the type of transaction (encryption or decryption).

Choices are:

512-bit RSA Key = This key size provides sufficient security. It is the most common, and requires the least processing.

768-bit RSA Key = This key size provides normal security and is the default selection. It requires approximately 2 to 4 times more processing than the 512-bit key.

1024-bit RSA Key = This key size provides high security. It requires approximately 4 to 8 times more processing than the 512-bit key.

Apply/Cancel

To apply your SSL settings, and to include your settings in the active configuration, click Apply. The Manager returns to the initial Login screen.

Reminder:

To save the active configuration and make it the boot configuration, click the Save Needed icon at the top of the Manager window.

To discard your settings, click Cancel. The Manager returns to the Configuration System Management Protocols screen.

VPN 3002 Hardware Client Reference

8-12

OL-1893-01

 

 

 

Page 89 Page 91
Page 90
Image 90
Cisco Systems VPN 3002 manual SSL Version, Generated Certificate Key Size, 8-12, Apply/Cancel, Reminder
Page 89 Page 91