D-Link DGS-3120-24TC Product Manual - Page 253

xStack® DGS-3120 Series Managed Switch Web UI Reference Guide Click the Apply button to accept the changes made. To set up the SSL cipher suite function on the Switch, configure the parameters in the SSL Cipher suite Settings section described below: Parameter Description RSA with RC4_128_MD5 This cipher suite combines the RSA key exchange, stream cipher RC4 encryption with 128-bit keys and the MD5 Hash Algorithm. Use the radio buttons to enable or disable this cipher suite. This field is Enabled by default. RSA with 3DES EDE CBC SHA This cipher suite combines the RSA key exchange, CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm. Use the radio buttons to enable or disable this cipher suite. This field is Enabled by default. DHS DSS with 3DES EDE CBC SHA This cipher suite combines the DSA Diffie Hellman key exchange, CBC Block Cipher 3DES_EDE encryption and SHA Hash Algorithm. Use the radio buttons to enable or disable this cipher suite. This field is Enabled by default. RSA EXPORT with RC4 This cipher suite combines the RSA Export key exchange and stream cipher RC4 40 MD5 encryption with 40-bit keys. Use the radio buttons to enable or disable this cipher suite. This field is Enabled by default. Click the Apply button to accept the changes made. To download SSL certificates, configure the parameters in the SSL Certificate Download section described below. Parameter Description Server IP Address Enter the IPv4 address of the TFTP server where the certificate files are located. Certificate File Name Enter the path and the filename of the certificate file to download. This file must have a .der extension. (Ex. c:/cert.der) Key File Nam Enter the path and the filename of the key file to download. This file must have a .der extension (Ex. c:/pkey.der) Click the Download button to download the SSL certificate based on the information entered. NOTE: Certain implementations concerning the function and configuration of SSL are not available on the web-based management of this Switch and need to be configured using the command line interface. NOTE: Enabling the SSL command will disable the web-based switch management. To log on to the Switch again, the header of the URL must begin with https://. Entering anything else into the address field of the web browser will result in an error and no authentication will be granted. SSH SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts. SSH, with its array of unmatched security features is an essential tool in today's networking environment. It is a powerful guardian against numerous existing security hazards that now threaten network communications. The steps required to use the SSH protocol for secure communication between a remote PC (the SSH client) and the Switch (the SSH server) are as follows: 1 Create a user account with admin-level access using the User Accounts window. This is identical to creating any other admin-level User Account on the Switch, including specifying a password. This password is used to logon to the Switch, once a secure communication path has been established using the SSH protocol. 2 Configure the User Account to use a specified authorization method to identify users that are allowed to establish SSH connections with the Switch using the SSH User Authentication Mode window. There are 245