When should the Generic SSL offloading be deployed?

Description

When should the Generic SSL offloading be deployed?

Resolution

Generic SSL offloading is meant to be used for customer client/server applications that use SSL for security.

It is supposed to be used for custom SSL applications that require SSL offloading, that is non-HTTPS applications. 

Generic offloading should NOT be deployed for HTTP/HTTPS applications since Web Application Firewall is not supported by Generic offloading. Since there is no layer 7 analysis Generic offloading is vulnerable to various HTTP/HTTPS attack such as: HTTP 30X redirects, Cross-Site Request Forgery, Cookie Tampering etc.

Other layer 7 controls such as URL rewriting, authentication controls, load balancing are also not supported by Generic SSL offloading.

Related Articles

  • SMA100 End of Support No-Charge Replacement FAQ
    Read More
  • SMA1000: Post upgrade to 12.5.0 on AWS and Azure, we show the error Could not retrieve the DNS settings once we log in to AMC/CMS console
    Read More
  • Firmware version required to upgrade to version 12.5.0.
    Read More

Categories

Secure Mobile Access
SMA 100 Series
not finding your answers?
Ask the Community