Main
Copyright
Trademarks
Table of Contents
Chapter 3: Theory of Operation
Chapter 4: Scenarios
Chapter 5: Command Reference
Chapter 6: Remote Management
Chapter 7: Alarms and Monitoring
Chapter 8: Software Updates
Page
List of Figures
Page
Introduction
About this User Guide
New in This Release
Who Should Use this Book
Before You Begin
How to Use this Book
Page
Page
Installation and Initial Configuration
Before You Begin
Installing the 7110/7115 Free- Standing or in a Rack
Rack Installation
Free-Standing Installation
Network Connections
Status Check
Network and Server LEDs
Inline LED
Admin Terminal Connection
HyperTerminal Paste Operations
Troubleshooting
Server and Network LEDs
Inline LED
Continuing Configuration
Theory of Operation
Multiple Servers
Working with Internet Traffic Management (ITM) Devices
Positioning 7110/7115 between ITM Device and Client Network
Positioning 7110/7115 between ITM Device and Server
Multiple 7110/7115s and Cascading Processing
Scalability and Cascading
Spilling and Throttling
Availability
Keys and Certificates
Cutting and Pasting with HyperTerminal
Obtaining a Certificate from VeriSign or Other Certificate Authority
Procedure
Page
C H A P T E R 3 Keys and Certificates
Typically, the CSR will look something like this:
Exporting a Key/Certificate from a Server
Apache Interface to Open SSL (mod_ssl)
Apache SSL
Stronghold
Importing into the 7110/7115
Page
Creating a new Key/Certificate on the 7110/7115
Procedure
Global Site Certificates
Overview
Global Site Certificate Paste Procedure
Redirection: Clients and Unsupported Ciphers
Client Authentication
Page
Creating a Client CA Certificate using OpenSSL
SSL Processing
Mapping
Automapping
Automapping with user-specified key and certificate
Automapping with multiple port combinations
Deleting automapping entries
Manual mapping
Combining automapping and manual mapping
Blocking
Specific IP, Specific Port
Subnet IP, Specific Port
All IPs, Specific Port
Delete a Block
Page
Scenarios
Syntax
Scenario 1Single Server
Procedure for Scenario 1
Automapping
Manual Configuration
Page
Scenario 2Multiple Servers
Procedure for Scenario 2
Page
Scenario 3Multiple 7110/ 7115s, Cascaded
Assumptions
Procedure for Scenario 3
Page
Scenario 4Different Ingress and Egress Routers
Procedure for Scenario 4
Command Reference
Online Help
Command Line Interface
User Authentication
Command Line Prompt
Abbreviation to Uniqueness
Page
Input Editing Commands
Moving the Insertion Point
Command History
Cut and Paste
Command Summary
Page
Page
Page
Page
Command Reference
Help Commands
Status Command
SSL Commands
Page
Page
Page
Page
Page
Page
Page
Page
Page
Port Mapping Commands
Page
Page
Operational Commands
Page
Remote Management Commands
Page
Page
Page
Page
Page
Page
Alarms and Monitoring Commands
Page
Page
Page
Configuration Commands
C H A P T E R 5 Command Reference
Command Description
Page
Page
Page
Page
Administration Commands
Page
Page
Logging Commands
Page
Remote Management
Overview
Limitations
Remote Management CLI Commands
Page
Remote Telnet Sessions
Local Serial Console
Remote Console, Telnet
Changing the Telnet Port
Disabling Telnet
Remote SSh Sessions
Local Serial Console
Remote Console, SSh
Changing the SSh Port
Disabling SSh
SNMP
Standards Compliance
Intel MIB Tree
Supported MIBs
Where to find MIB Files
Enterprise Private MIB Summary
Following is a summary of the 7110/7115 private MIB:
Page
Page
Page
Page
Trap Summary
Standard SNMP Traps
Private Traps in ssl-appliance-mib.my
Enabling SNMP.
SNMP: disable
SNMP: enable
Specifying SNMP Information
Community String
6-20
Trap Community String
Access Control
Page
Alarms and Monitoring
Overview
Page
Alarm Types
ESC: Encryption Status Change Alarm
Alarm Modifiers and Messages:
RSC: Refused SSL Connections
Alarm Modifiers and Messages
Extended Data
RSC Alarm CLI Commands
UTL: Utilization Threshold Alarm
Alarm Modifiers and Messages
Extended Data
UTL Alarm CLI commands
To set Utilization Threshold Alarm time window:
To set Utilization Threshold Alarm high-water value:
To set Utilization Threshold Alarm low-water value:
OVL: Overload Alarm
Alarm Modifiers and Messages:
Extended Data:
OVL Alarm CLI Commands:
NLS: Network Link Status Alarm
Alarm Logging
Page
Page
C H A P T E R 7 Alarm Logging
Example, status alarms command:
Monitoring
Monitoring Reports
Report Configuration
Monitoring Reports CLI Commands
Below are the CLI commands for console monitoring, with defaults and ranges where applicable:
Page
Page
Software Updates
Using Windows HyperTerminal
Using Unix cu and uuencoded image file
Page
Page
Page
Troubleshooting
Page
Page
Page
Front Panel
Buttons and Switches
Front Panel LEDs
(See Appendix B, Failure/ Bypass Modes)
Connectors
Failure/Bypass Modes
Bypass Button
Fail-through Switch (Security Level)
Page
Page
Supported Ciphers
Cipher Strength
SSL Version Level
Page
Page
Page
VCCI Statement
FCC Part 15 Compliance Statement
CAUTION:
Canada Compliance Statement (Industry Canada)
CE Compliance Statement
CISPR 22 Statement
AVERTISSEMENT
WARNUNG
AVVERTENZA
ADVERTENCIAS
Wichtige Sicherheitshinweise
Page
Page
T erms and Conditions and Software License
E-2
E-3
E-4
E-5
E-6
E-7
E-8
Glossary
Page
Page
Page
Support Services
Page
Page
Page
Index