For more instructions on managing users and operations, monitoring network performance,
upgrading software, and diagnosing common problems on an SRX110 Series Services
Gateway, see the following guides:
•
Initial Configuration for Security Devices
•
Monitoring and Troubleshooting for Security Devices
Related
Documentation
Performing Initial Software Configuration on the SRX110 Services Gateway Using the
CLI on page 86
•
• SRX110 Services Gateway Software Configuration Overview on page 83
• SRX110 Services Gateway Secure Web Access Overview on page 92
SRX110 Services Gateway Secure Web Access Overview
You can manage a services gateway remotely through the J-Web interface. To
communicate with the services gateway, the J-Web interface uses Hypertext Transfer
Protocol (HTTP). HTTP allows easy Web access but no encryption. The data that is
transmitted between the Web browser and the services gateway by means of HTTP is
vulnerable to interception and attack. To enable secure Web access, the services gateway
supports HTTP over Secure Sockets Layer (HTTPS). You can enable HTTP or HTTPS
access on specific interfaces and ports as needed.
The services gateway uses the SSL protocol to provide secure management of services
gateways through the J-Web. SSL uses public-private key technology that requires a
paired private key and an authentication certificate for providing the SSL service. SSL
encrypts communication between your device and the Web browser with a session key
negotiated by the SSL server certificate.
An SSL certificate includes identifying information such as a public key and a signature
made by a certificate authority (CA). When you access the services gateway through
HTTPS, an SSL handshake authenticates the server and the client and begins a secure
session. If the information does not match or if the certificate has expired, your access
to the services gateway through HTTPS is restricted.
Without SSL encryption, communication between your services gateway and the browser
is sent in the open and can be intercepted. We recommend that you enable HTTPS access
on your WAN interfaces.
For more information about configuring secure Web access, see the following topics:
•
Initial Configuration for Security Devices
•
Monitoring and Troubleshooting for Security Devices
Related
Documentation
• SRX110 Services Gateway Software Configuration Overview on page 83
• Performing Initial Software Configuration on the SRX110 Services Gateway Using the
CLI on page 86
Copyright © 2013, Juniper Networks, Inc.92
SRX110 Services Gateway Hardware Guide
To Next Page
Loading...
Need help?
General
