J2320, J2350, J4350, and J6350 Services Router Getting Started Guide

Table 64: Secure Web Access Terms (continued)

Term

Definition

Hypertext Transfer

Protocol similar to HTTP with an added encryption layer that encrypts and decrypts

Protocol over Secure

user page requests and pages that are returned by a Web server. HTTPS is used for

Sockets Layer (HTTPS)

secure communication, such as payment transactions.

Privacy-Enhanced Mail

Technique for securely exchanging electronic mail over a public medium. PEM is based

(PEM)

upon public key infrastructure (PKI) standards like X.509 certificates. SSL certificates

 

are partly based on PEM and end in the suffix .pem.

RSA

Public key cipher that can be used for encrypting messages and making digital

 

signatures. RSA uses a well-known encryption and authentication algorithm that is a

 

part of popular Web browsers.

Secure Sockets Layer (SSL)

Protocol that encrypts security information before transmitting data across a network.

 

SSL requires two keys to encrypt data—a public key known to everyone and a private

 

or secret key known only to the recipient of the message—and an authentication

 

certificate. Most popular Web browsers support SSL.

SSL certificate

Secure electronic identifier conforming to the X.509 standard, definitively identifying

 

an individual, system, company, or organization. In addition to identification data,

 

the digital certificate contains a serial number, a copy of the certificate holder’s public

 

key, the identity and digital signature of the issuing certificate authority (CA), and an

 

expiration date.

Secure Web Access Overview

A Services Router uses the Secure Sockets Layer (SSL) protocol to provide secure management of Services Routers through the Web interface. SSL uses public-private key technology that requires a paired private key and an authentication certificate for providing the SSL service. SSL encrypts communication between your router and the Web browser with a session key negotiated by the SSL server certificate.

An SSL certificate includes identifying information such as a public key and a signature made by a certificate authority (CA). When you access the router through HTTPS, an SSL handshake authenticates the server and the client and begins a secure session. If the information does not match or the certificate has expired, you are not able to access the router through HTTPS.

Without SSL encryption, communication between your router and the browser is sent in the open and can be intercepted. We recommend that you enable HTTPS access on your WAN interfaces.

On J-series Services Routers, HTTP access is enabled by default on the built-in management interfaces. By default, HTTPS access is supported on any interface with an SSL server certificate.

Before You Begin

Before you begin initial configuration, complete the following tasks:

Establish basic connectivity. See “Establishing Basic Connectivity” on page 131.

154Secure Web Access Overview

Page 176
Image 176
Juniper Networks J6350, J4350 manual Secure Web Access Overview