Web server overview, Supported protocols – Allied Telesis AT-S63 User Manual

Page 756

background image

Chapter 32: Web Server

756

Section VIII: Management Security

Web Server Overview

The AT-S63 management software comes with web server software. The
software is available so that you can remotely manage the switch with a
web browser from any management station on your network. (The
instructions for managing a switch with a web browser are described in the
AT-S63 Network Management Web Browser Interface User’s Guide.)

The web server can operate in two modes. The first is referred to as non-
secure HTTP mode. In this mode, packets sent between the switch and
the web browser during a management session are transmitted in
plaintext. Anyone monitoring your network with a sniffer can view the
contents of the management packets.

The web server can also operate in the secure HTTPS mode where all
communications between the switch and a web browser are encrypted.
This feature uses the Secure Sockets Layer (SSL) protocol. It can help
protect your switch from intruders who might be monitoring your network.

If you intend to use the secure HTTPS mode of the web server, there are
several procedures you need to perform before you can configure the web
server. You must create an encryption key, as explained in Chapter 33,
“Encryption Keys” on page 763. You must also create
a certificate and add
the certificate to the certificate database. This latter part is explained in
Chapter 34, “PKI Certificates and SSL” on page 785. For an overview of
all the steps, see “General Steps for Configuring the Web Server for
Encryption” on page 760
.

The default setting for the web server is enabled, with the non-secure
HTTP mode as the default active mode.

Note

To use SSL in an enhanced stack, all switches in the stack must use
SSL. For further information, refer to “SSL and Enhanced Stacking”
on page 788.

Supported

Protocols

The switch supports the following HTTP and HTTPs protocols:

ˆ

HTTP v1.0 and v1.1 protocols

ˆ

HTTPS v1.0 and v1.1 protocols running over SSL

The switch supports the following SSL protocols:

ˆ

SSL version 2.0

ˆ

SSL version 3.0

ˆ

TLS (Transmission Layer Security) version 1.0