Srx210 services gateway secure web access overview – Juniper Networks SRX 210 User Manual
Page 111
You can use other wizards to configure basic firewall policies, VPN settings, and NAT
rules. Choose
Configure > Wizards
to use the available wizards. Use the J-Web interface
or the CLI for more extensive configuration.
For more instructions on managing users and operations, monitoring network performance,
upgrading software, and diagnosing common problems on an SRX210 Services Gateway,
see
.
SRX210 Services Gateway Secure Web Access Overview
You can manage a services gateway remotely through the J-Web interface. To
communicate with the services gateway, the J-Web interface uses Hypertext Transfer
Protocol (HTTP). HTTP allows easy Web access but no encryption. The data that is
transmitted between the Web browser and the services gateway by means of HTTP is
vulnerable to interception and attack. To enable secure Web access, the services gateway
supports HTTP over Secure Sockets Layer (HTTPS). You can enable HTTP or HTTPS
access on specific interfaces and ports as needed.
The services gateway uses the SSL protocol to provide secure management of services
gateways through the J-Web. SSL uses public-private key technology that requires a
paired private key and an authentication certificate for providing the SSL service. SSL
encrypts communication between your device and the Web browser with a session key
negotiated by the SSL server certificate.
An SSL certificate includes identifying information such as a public key and a signature
made by a certificate authority (CA). When you access the services gateway through
HTTPS, an SSL handshake authenticates the server and the client and begins a secure
session. If the information does not match or if the certificate has expired, your access
to the services gateway through HTTPS is restricted.
Without SSL encryption, communication between your services gateway and the browser
is sent in the open and can be intercepted. We recommend that you enable HTTPS access
on your WAN interfaces.
For more information about configuring secure Web access, see the following topics:
•
•
Related
Documentation
•
SRX210 Services Gateway Software Configuration Overview on page 85
95
Copyright © 2013, Juniper Networks, Inc.
Chapter 15: Performing Initial Software Configuration on the SRX210 Services Gateway