NETGEAR STM300EW-100NAS Network Hardware User Manual


 
ProSecure Web/Email Security Threat Management (STM) Appliance Reference Manual
Content Filtering and Optimizing Scans 4-39
v1.0, September 2009
3. Complete the fields and select the checkboxes as explained in Table 4-13.
4. Click Apply to save your settings.
Specifying Trusted Hosts
You can specify trusted hosts for which the STM bypasses HTTPS traffic scanning and security
certificate authentication. The security certificate is sent directly to the client for authentication,
which means that the user does not receive a security alert for trusted hosts. For more information
about security alerts, see “Managing Digital Certificates” on page 3-25.
Table 4-13. HTTPS Settings
Setting Description
HTTP Tunneling
Select this checkbox to allow scanning of HTTPS connections through an HTTP proxy, which is
disabled by default. Traffic from trusted hosts is not scanned (see “Specifying Trusted Hosts” on
page 4-39).
Note: For HTTPS scanning to occur properly, you must add the HTTP proxy server port in the Ports to
Scan field for the HTTPS service on the Services screen (see “Configuring the HTTP Proxy Settings”
on page 3-7).
HTTPS 3rd Party Website Certificate Handling
Select this checkbox to allow a Secure Sockets Layer (SSL) connection with a valid certificate that is
not signed by a trusted certificate authority (CA). The default setting is to allow such as a connection.
Show This Message When an SSL Connection Attempt Fails
By default, a rejected SSL connection is replaced with the following text, which you can customize:
The SSL connection cannot be established.|
URL: %URL%
REASON: %REASON% ”
Note: The text is displayed on the HTTPS Settings screen with HTML tags. Click Preview to open a
screen that displays the notification text in HTML format.
Note: Make sure that you keep the %URL% and %REASON% meta words in the text to enable the
STM to insert the proper URL information and the reason of the rejection.
Note: For information about certificates that are used for SSL connections and HTTPS
traffic, see “Managing Digital Certificates” on page 3-25.