Filter
Top Products
Administration Guide 11
New Features
The virtual TCP circuit is using industry standard Secure Socket Layer (SSL) and Transport Layer Security
(TLS) encryption. All packets destined for the private network are transported over the virtual TCP cir-
cuit. The Firebox SSL VPN Gateway is essentially acting as a low-level packet filter with encryption. It
drops traffic that does not have authentication or does not have permission for a particular network.
The Firebox SSL VPN Gateway opens up the following ports:
• Port 443 is opened for VPN network traffic
• Ports 9001 and 9002 are opened for administrator traffic for the Administration Portal and
Administration Tool
The first time the Firebox SSL VPN Gateway is started, use the Firebox SSL VPN Gateway Administration
Tool to configure the basic settings that are specific to your corporate network, such as the IP address,
subnet mask, default gateway IP address, and DNS address. After you complete the basic connection,
you then configure the settings specific to Firebox SSL VPN Gateway operation, such as the options for
authentication, authorization, and group-based access control, kiosk mode, end point resources and
polices, portal pages, and IP pools.
New Features
The v5.5 software update for the Firebox SSL Core VPN Gateway includes the following new features:
Authentication and one-time passwords
You can configure the Firebox SSL VPN Gateway to prevent caching of one-time passwords, such as
those used by an RSA SecurID. When this feature is enabled, it prevents users from being locked out of
their accounts in the event of a network interruption.
New versions of the Secure Access Client
There is a new version of the Secure Access Client for Windows Vista. This version of the Secure Access
Client is installed with the same ease-of-use as other versions of the Secure Access Client.
Configurable symmetric encryption ciphers
You can select the specific cipher that the Firebox SSL VPN Gateway uses for symmetric data encryption
on an SSL connection. You can select one of these three encryption ciphers:
RC4 128 Bit, MD5/SHA
3DES, SHA
AES 128/256 Bit, SHA
Automatic detection of proxy server settings
In this release, the Secure Access Client automatically detects the proxy server settings specified in the
operating system and when users are using Internet Explorer. Proxy server settings specified in proxy
autoconfiguration files are not supported.