Secure web access overview, Before you begin, 154 before you begin – Juniper Networks J-series Services Router J2320 User Manual

Table 64: Secure Web Access Terms (continued)

Definition

Term

Protocol similar to HTTP with an added encryption layer that encrypts and decrypts
user page requests and pages that are returned by a Web server. HTTPS is used for
secure communication, such as payment transactions.

Hypertext Transfer
Protocol over Secure
Sockets Layer (HTTPS)

Technique for securely exchanging electronic mail over a public medium. PEM is based
upon public key infrastructure (PKI) standards like X.509 certificates. SSL certificates
are partly based on PEM and end in the suffix

.pem

.

Privacy-Enhanced Mail
(PEM)

Public key cipher that can be used for encrypting messages and making digital
signatures. RSA uses a well-known encryption and authentication algorithm that is a
part of popular Web browsers.

RSA

Protocol that encrypts security information before transmitting data across a network.
SSL requires two keys to encrypt data—a public key known to everyone and a private
or secret key known only to the recipient of the message—and an authentication
certificate. Most popular Web browsers support SSL.

Secure Sockets Layer (SSL)

Secure electronic identifier conforming to the X.509 standard, definitively identifying
an individual, system, company, or organization. In addition to identification data,
the digital certificate contains a serial number, a copy of the certificate holder’s public
key, the identity and digital signature of the issuing certificate authority (CA), and an
expiration date.

SSL certificate

Secure Web Access Overview

A Services Router uses the Secure Sockets Layer (SSL) protocol to provide secure
management of Services Routers through the Web interface. SSL uses public-private
key technology that requires a paired private key and an authentication certificate
for providing the SSL service. SSL encrypts communication between your router and
the Web browser with a session key negotiated by the SSL server certificate.

An SSL certificate includes identifying information such as a public key and a signature
made by a certificate authority (CA). When you access the router through HTTPS, an
SSL handshake authenticates the server and the client and begins a secure session.
If the information does not match or the certificate has expired, you are not able to
access the router through HTTPS.

Without SSL encryption, communication between your router and the browser is
sent in the open and can be intercepted. We recommend that you enable HTTPS
access on your WAN interfaces.

On J-series Services Routers, HTTP access is enabled by default on the built-in
management interfaces. By default, HTTPS access is supported on any interface with
an SSL server certificate.

Before You Begin

Before you begin initial configuration, complete the following tasks:

■

Establish basic connectivity. See “Establishing Basic Connectivity” on page 131.

154

■

Secure Web Access Overview

J2320, J2350, J4350, and J6350 Services Router Getting Started Guide