Silver Peak provides deduplication for Secure Socket Layer (SSL) encrypted WAN traffic by supporting the use of SSL certificates and keys.
This report summarizes the SSL certificates installed on appliances for decrypting non-SaaS traffic.
n Silver Peak decrypts SSL data using the configured certificates and keys, optimizes the data, and transmits data over an IPSec tunnel. The peer Silver Peak appliance uses configured SSL certificates to re-encrypt data before transmitting.
• X509 Privacy Enhanced Mail (PEM), Personal Information Exchange (PFX, generally for Microsoft servers), and RSA key 1024-bit and 2048-bit certificate formats.
• SAN (Subject Alternative Name) certificates. SAN certificates enable sharing of a single certificate across multiple servers and services.
• Protocol versions: SSLv3, SSLv3.3, TLS1.0, TLS1.1, TLS1.2
• Key exchanges: RSA, DHE, ECDHE
• Authentication: RSA
• Cipher algorithms: RC4, 3DES, AES128, AES256, AES128-GCM, AES256-GCM
• Message Digests: MD5, SHA, SHA256, SHA284
• The tunnels are in IPSec mode for both directions of traffic.
•
Please send comments or suggestions regarding user documentation to techpubs@silver-peak.com. |