hit counter script

Supporting Other Secure Protocols; Example: Configuring A Secure Mail Server; Supporting Fips - Cisco CSS11501 - 100Mbps Ethernet Load Balancing Device Configuration Manual

11000 series secure content accelerator
Hide thumbs Also See for CSS11501 - 100Mbps Ethernet Load Balancing Device:
Table of Contents

Advertisement

Chapter 4
Using the Configuration Manager

Supporting Other Secure Protocols

Example: Configuring a Secure Mail Server

Note

Supporting FIPS

78-13124-05
Along with SSL, Cisco Secure Content Accelerator devices can support other
secure protocols using TLS v1.0, SSL v2.0, and SSL v3.0. IMAPS, POP3S,
NNTPS, and LDAPS are some examples. The steps below show how to configure
the SSL appliance for setting up a secure server to process only POP3S (S-POP)
mail.
The steps in this example are abbreviated to show only relevant
changes from the standard SSL server setup.
1.
Initiate a management session as described above. Enter Privileged and
Configuration modes. Enter a default router. Enter SSL Configuration mode.
2.
Enter Server Configuration mode and create a server named mySecureMail.
Assign an IP address and netmask. Assign port 995 for monitoring for POP3S
(S-POP) connections and port 110 for sending clear text. Assign the
appropriate key, certificate, and security policy. Return to Privileged mode.
(config-ssl[myDevice])# server mySecureMail create
(config-ssl-server[myServer])# sslport 995
(config-ssl-server[myServer])# remoteport 110
(config-ssl-server[myServer])# finished
SCA#
3.
Save the configuration to flash memory. If not saved, the configuration is lost
during a power cycle or when the reload command is used.
SCA# write flash
SCA#
Refer to Chapter 6, FIPS Operation, for instructions to use the Secure Content
Accelerator in FIPS-compliant operation mode.
Cisco 11000 Series Secure Content Accelerator Configuration Guide
Supporting Other Secure Protocols
4-27

Advertisement

Table of Contents
loading

Table of Contents