DefensePro User Guide
Security Configuration
Document ID: RDWR-DP-V0602_UG1201
Safe-Reset method. To decrypt and re-encrypt the SSL packets during the challenge process,
DefensePro uses the SSL engine of a specified Alteon device. DefensePro allows traffic from
validated clients to pass through the DefensePro device to the protected server.
The DefensePro SSL Mitigation mechanism works as follows:
1. The DefensePro device receives a SYN packet from a client on port 443.
2. DefensePro responds with an ACK packet with an invalid Sequence Number field as a cookie.
3. If the client responds with RST and the cookie, DefensePro discards the packet, and adds the
source IP address to the TCP Authentication Table.
4. The DefensePro device passes the next SYN packet from the same source to the SSL engine of
the specified Alteon device.
5. The Alteon device performs the SSL handshake with the client.
6. The DefensePro device passes the following HTTPS GET or POST request from the same source
to the SSL engine of the Alteon device.
7. The Alteon device communicates with the DefensePro device to generate an encrypted
challenge.
8. The DefensePro device sends the encrypted HTTPS challenge to the client.
9. The DefensePro device receives a valid response from the client and considers the connection to
be legitimate.
10. The DefensePro device adds the source IP address to the HTTP Authentication Table.
11. The DefensePro device passes the encrypted HTTPS response to the SSL engine of the Alteon
device.
12. The Alteon device communicates with the DefensePro device to generate an encrypted
termination message.
13. The next SYN packet from the validated source passes through the DefensePro device to the
server that is under attack, and DefensePro acts as a transparent proxy for the remainder of the
session.
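The thirteen steps above modelled as a per-source state machine. This is an added example, not code from the user guide or from Radware. The HMAC cookie derivation, the echoed-token challenge, and every class, function and event name are assumptions, because the guide specifies none of them.

```python
import hashlib
import hmac
import os

SECRET = os.urandom(16)  # assumption: per-device secret; the guide does not say how the cookie is derived

def cookie(src_ip, src_port):
    """32-bit value for the ACK's Sequence Number field (assumed HMAC construction)."""
    mac = hmac.new(SECRET, f"{src_ip}:{src_port}".encode(), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big")

class SslMitigationModel:
    def __init__(self):
        self.tcp_auth = set()   # TCP Authentication Table (step 3)
        self.http_auth = set()  # HTTP Authentication Table (step 10)
        self.pending = {}       # source IP -> token expected in the challenge response

    def handle(self, src_ip, src_port, kind, value=None):
        """Return the action taken for one event from a client."""
        if kind == "SYN":
            if src_ip in self.http_auth:
                return "pass-to-server"                            # step 13
            if src_ip in self.tcp_auth:
                return "to-ssl-engine"                             # steps 4-5
            return ("ack-with-cookie", cookie(src_ip, src_port))   # step 2
        if kind == "RST":
            if value == cookie(src_ip, src_port):
                self.tcp_auth.add(src_ip)                          # step 3
            return "discard"
        if kind == "HTTPS_REQUEST" and src_ip in self.tcp_auth:
            self.pending[src_ip] = os.urandom(8).hex()             # steps 6-8
            return ("challenge", self.pending[src_ip])
        if kind == "CHALLENGE_RESPONSE":
            expected = self.pending.pop(src_ip, None)
            if expected is not None and value == expected:
                self.http_auth.add(src_ip)                         # steps 9-10
                return "terminate-session"                         # steps 11-12
        return "discard"

def legitimate_client(model, ip="198.51.100.7", port=40000):
    """Constructed client that answers every challenge; returns the action sequence."""
    _, c = model.handle(ip, port, "SYN")
    actions = ["ack-with-cookie", model.handle(ip, port, "RST", c)]
    actions.append(model.handle(ip, port, "SYN"))
    _, token = model.handle(ip, port, "HTTPS_REQUEST")
    actions.append("challenge")
    actions.append(model.handle(ip, port, "CHALLENGE_RESPONSE", token))
    actions.append(model.handle(ip, port, "SYN"))
    return actions
```

A source that never receives the ACK cannot return the cookie, so in this model it never enters the TCP Authentication Table and its later SYN packets are challenged again rather than forwarded.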
To configure an SSL mitigation policy
1. In the Configuration perspective Network Protection tab navigation pane, select SYN
Protection Profiles > SSL Mitigation Policies Parameters.
2. To add or modify a policy, do one of the following:
— To add a policy, click the (Add) button.
— To edit a policy, double-click the entry in the table.
3. Configure the parameters, and then click OK.
Table 94: SSL Mitigation Policy Parameters
Parameter               Description
Name                    The name of the policy.
SSL VIP                 The IPv4 VIP address on the Alteon device.
SSL Server IP Address   The IPv4 address of the SSL server specified on the Alteon device.
VIP MAC                 The MAC address of the Alteon device.
Summary of Contents for DefensePro 6.02
Page 1: DefensePro User Guide, Software Version 6.02, Document ID: RDWR-DP-V0602_UG1201, January 2012