Dell PowerConnect J-SRX100 Hardware Guide - Page 95

J-SRX100 Services Gateway Secure Web Access Overview

Get Dell PowerConnect J-SRX100 PDF manuals and user guides View all Dell PowerConnect J-SRX100 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 95 highlights

Chapter 13: Performing Initial Software Configuration on the J-SRX100 Services Gateway d. Scroll down to the Interfaces Configuration panel on the page to add an interface to a specific zone. e. Click OK to save the configuration. 6. Configure basic security policies. a. In the J-Web interface, under the Configure tab, navigate to Security > Policy. b. In the Security Policy page, click Add. c. Enter a name for the policy and select the source and destination zones. d. Enter a source address, destination address, and an application. e. Select Policy Action as Permit, or Deny, or Reject. f. Click OK to save the configuration. NOTE: Click Commit to apply the configuration and other pending changes (if any) and click Discard to discard pending changes. For more instructions on managing users and operations, monitoring network performance, upgrading software, and diagnosing common problems on a J-SRX100 Series Services Gateway, see the Junos OS Administration Guide. J-SRX100 Services Gateway Secure Web Access Overview You can manage a services gateway remotely through the J-Web interface. To communicate with the services gateway, the J-Web interface uses Hypertext Transfer Protocol (HTTP). HTTP allows easy Web access but no encryption. The data that is transmitted between the Web browser and the services gateway by means of HTTP is vulnerable to interception and attack. To enable secure Web access, the services gateway supports HTTP over Secure Sockets Layer (HTTPS). You can enable HTTP or HTTPS access on specific interfaces and ports as needed. The services gateway uses the SSL protocol to provide secure management of services gateways through the J-Web. SSL uses public-private key technology that requires a paired private key and an authentication certificate for providing the SSL service. SSL encrypts communication between your device and the Web browser with a session key negotiated by the SSL server certificate. An SSL certificate includes identifying information such as a public key and a signature made by a certificate authority (CA). When you access the services gateway through HTTPS, an SSL handshake authenticates the server and the client and begins a secure session. If the information does not match or if the certificate has expired, your access to the services gateway through HTTPS is restricted. 81

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
d.
Scroll down to the Interfaces Configuration panel on the page to add an interface
to a specific zone.
e.
Click
OK
to save the configuration.
6.
Configure basic security policies.
a.
In the J-Web interface, under the Configure tab, navigate to
Security > Policy
.
b.
In the Security Policy page, click
Add
.
c.
Enter a name for the policy and select the source and destination zones.
d.
Enter a source address, destination address, and an application.
e.
Select Policy Action as
Permit
, or
Deny
, or
Reject
.
f.
Click
OK
to save the configuration.
NOTE:
Click
Commit
to apply the configuration and other pending changes
(if any) and click
Discard
to discard pending changes.
For more instructions on managing users and operations, monitoring network performance,
upgrading software, and diagnosing common problems on a J-SRX100 Series Services
Gateway, see the
Junos OS Administration Guide
.
J-SRX100 Services Gateway Secure Web Access Overview
You can manage a services gateway remotely through the J-Web interface. To
communicate with the services gateway, the J-Web interface uses Hypertext Transfer
Protocol (HTTP). HTTP allows easy Web access but no encryption. The data that is
transmitted between the Web browser and the services gateway by means of HTTP is
vulnerable to interception and attack. To enable secure Web access, the services gateway
supports HTTP over Secure Sockets Layer (HTTPS). You can enable HTTP or HTTPS
access on specific interfaces and ports as needed.
The services gateway uses the SSL protocol to provide secure management of services
gateways through the J-Web. SSL uses public-private key technology that requires a
paired private key and an authentication certificate for providing the SSL service. SSL
encrypts communication between your device and the Web browser with a session key
negotiated by the SSL server certificate.
An SSL certificate includes identifying information such as a public key and a signature
made by a certificate authority (CA). When you access the services gateway through
HTTPS, an SSL handshake authenticates the server and the client and begins a secure
session. If the information does not match or if the certificate has expired, your access
to the services gateway through HTTPS is restricted.
81
Chapter 13: Performing Initial Software Configuration on the J-SRX100 Services Gateway