Secure sockets layer overview – Allied Telesis AT-S60 User Manual

Chapter 25: Secure Sockets Layer (SSL)
Section V: Security Features
Secure Sockets Layer Overview
This chapter describes the Secure Sockets Layer (SSL) feature, a security 
protocol that provides a secure and private TCP connection between a 
client and server. You can configure the SSL feature using a local or 
Telnet management session.
SSL can be used with many higher layer protocols including HTTP, File 
Transfer Protocol (FTP) and Net News Transfer Protocol (NNTP). Most 
web browsers and servers support SSL. The most common deployment 
of SSL is for secure connections between a client and server over the 
Internet. The switch supports SSL versions 2.0 (client hello only) and 3.0,
which were developed by Netscape, and the Internet Engineering Task 
Force (IETF) standard for SSL, known as SSL version 3.1 or Transport 
Layer Security (TLS).
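The version numbers named above appear on the wire in the client's first message. The following Python is an added example, not code from the manual or from Allied Telesis: it classifies a captured ClientHello by its framing (SSL 2.0 format or SSL 3.0/TLS format) and by the version it offers. The function names and the sample bytes are constructed for illustration.

```python
import struct

# Wire version (major, minor) -> name; 3.1 is the text's "SSL version 3.1", i.e. TLS.
VERSION_NAMES = {(0, 2): "SSL 2.0", (3, 0): "SSL 3.0", (3, 1): "TLS 1.0 (SSL 3.1)"}


def classify_client_hello(data: bytes) -> dict:
    """Return framing and offered version of a ClientHello; ValueError otherwise."""
    if len(data) < 5:
        raise ValueError("too short to hold a record header")
    if data[0] & 0x80 and data[2] == 1:
        # SSL 2.0 framing: 2-byte length with the high bit set, message type 1
        # (CLIENT-HELLO), then the highest version the client offers.
        length = ((data[0] & 0x7F) << 8) | data[1]
        if length < 9 or len(data) < 2 + length:
            raise ValueError("truncated SSL 2.0 ClientHello")
        framing, version = "SSL 2.0 record", (data[3], data[4])
    elif data[0] == 22:
        # SSL 3.0/TLS framing: content type 22 (handshake), record version,
        # 2-byte length, then handshake type 1 and the 2-byte client_version.
        (length,) = struct.unpack(">H", data[3:5])
        body = data[5:5 + length]
        if len(body) < max(length, 6):
            raise ValueError("truncated handshake record")
        if body[0] != 1:
            raise ValueError("handshake message is not a ClientHello")
        framing, version = "SSL 3.0/TLS record", (body[4], body[5])
    else:
        raise ValueError("not an SSL/TLS ClientHello")
    name = VERSION_NAMES.get(version, "unknown %d.%d" % version)
    return {"framing": framing, "version": version, "name": name}


def sample_v2_hello(version):
    """Constructed SSL 2.0-format ClientHello: one cipher spec, 16-byte challenge."""
    body = bytes([1, *version]) + struct.pack(">HHH", 3, 0, 16) + b"\x00\x00\x0a" + bytes(16)
    return struct.pack(">H", 0x8000 | len(body)) + body


def sample_v3_hello(version):
    """Constructed SSL 3.0/TLS ClientHello: zero random, one cipher suite."""
    hello = bytes(version) + bytes(32) + b"\x00" + b"\x00\x02\x00\x0a" + b"\x01\x00"
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return bytes([22, *version]) + struct.pack(">H", len(handshake)) + handshake


if __name__ == "__main__":
    for pkt in (sample_v2_hello((3, 1)), sample_v3_hello((3, 0)), sample_v3_hello((3, 1))):
        print(classify_client_hello(pkt))
```

A hello in SSL 2.0 framing that offers version 3.0 or 3.1 is the case the "client hello only" wording refers to: only the first message uses the old format.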
Within the Ethernet protocol stack, SSL is a layer 4 protocol that lies
between the HTTP and TCP protocol layers. HTTP communicates with 
SSL in the same way as with TCP. In other words, TCP processes SSL 
requests like any other protocol requesting its services.
SSL provides a secure connection over which web pages can be 
accessed from an HTTP server. The operation of SSL is transparent to the 
end user who is accessing a web site, with the following exceptions:
❑ the site’s URL changes from http to https
❑ the browser displays a padlock icon
By default, HTTP and HTTPS use the separate well-known ports 80 and 
443 respectively. Secure connections over the Internet are important 
when transmitting confidential data such as credit card details or 
passwords. In addition, SSL allows the client to verify the server’s identity 
before either side sends any sensitive information. SSL also prevents a 
third party from interfering with the message because only trusted 
devices have access to the unprotected data.
The SSL feature is described in more detail in the following sections:
