Netgear STM300 STM 150-300-600 Reference Manual (PDF) - Page 123

ProSecure Web/Email Security Threat Management (STM) Appliance 3. Select the check boxes and complete the field and as explained in the following table: Table 36. HTTPS Settings Setting HTTP Tunneling Description Select this check box to allow scanning of HTTPS connections through an HTTP proxy, which is disabled by default. Traffic from trusted hosts is not scanned (see Specifying Trusted Hosts on page 124). Note: For HTTPS scanning to occur correctly, you need to add the HTTP proxy server port in the Ports to Scan field for the HTTPS service on the Services screen (see Configuring the HTTP Proxy Settings on page 60). HTTPS SSL Settings Select the Allow the STM to handle HTTPS connections using SSLv2 check box to allow HTTPS connections using SSLv2, SSLv3, or TLSv1. If this check box is cleared, the STM allows HTTPS connections using SSLv3 or TLSv1, but SSLv2 connections are dropped by the STM. HTTPS 3rd Party Website Certificate Handling Select this check box to allow a Secure Sockets Layer (SSL) connection with a valid certificate that is not signed by a trusted Certificate Authority (CA). The default setting is to allow such as a connection. Show This Message When an SSL Connection Attempt Fails By default, a rejected SSL connection is replaced with the following text, which you can customize: The SSL connection cannot be established. URL: %URL% REASON: %REASON% Note: The text is displayed on the HTTPS Settings screen with HTML tags. Click Preview to open a screen that displays the notification text in HTML format. Note: Make sure that you keep the %URL% and %REASON% metawords in the text to enable the STM to insert the correct URL information and the reason of the rejection. 4. Click Apply to save your settings. Note: For information about certificates that are used for SSL connections and HTTPS traffic, see Managing Digital Certificates on page 76. Chapter 4. Content Filtering and Optimizing Scans | 123