Cryptography configuration – SENA STS Series User Manual


Figure 4-9 Port IP filtering for serial ports

4.2.7. Cryptography Configuration

The STS Series supports encrypted sessions only in TCP mode, including modem emulation mode (not in UDP mode).

4.2.7.1. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Cryptography Method

By setting the cryptography method to one of SSLv2, SSLv3, SSLv3 rollback to v2, or TLSv1, the STS Series can communicate in encrypted sessions with other devices that support the SSL/TLS cryptography method.

SSL was developed by Netscape for use between clients and servers. SSL layers on top of any transport protocol and can run under application protocols such as HTTP. SSL aims to be secure, fast, and adaptable to other Web protocols. SSL provides data security for applications that communicate across networks. SSL is a transport-layer security protocol layered between application protocols and TCP/IP.

TLS is an updated version of SSL. The protocol is specified in an Internet RFC, developed under the auspices of the Internet Engineering Task Force (IETF). TLS is an evolution of SSL and it specifies a mechanism for falling back to SSL if either client or server does not support the newer protocol, so a transition to TLS is relatively painless.
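To audit which of the methods listed above a session actually opens with, the following added example (not part of the SENA manual or firmware) classifies the first bytes of a captured hello message by record format and protocol version. The function name and the sample bytes are constructed for illustration; the field offsets follow the SSLv2 and SSLv3/TLS record layouts.

```python
# Added example: classify the first bytes of a captured SSL/TLS hello.
# The sample byte strings are constructed, not captured from an STS unit.

VERSIONS = {(0, 2): "SSLv2", (3, 0): "SSLv3", (3, 1): "TLSv1"}


def _name(major, minor):
    return VERSIONS.get((major, minor), f"other ({major}.{minor})")


def classify_hello(data: bytes):
    """Return (record_format, message, version) for a hello message."""
    if len(data) < 5:
        raise ValueError("need at least 5 bytes")
    # SSLv3/TLS record: content type 22 (handshake), major version 3.
    if data[0] == 22 and data[1] == 3:
        if len(data) < 11:
            raise ValueError("truncated handshake header")
        message = {1: "ClientHello", 2: "ServerHello"}.get(data[5], "other")
        # Bytes 6-8 hold the handshake length. The hello's own version field
        # follows: the version a client offers or a server selects.
        return ("SSLv3/TLS record", message, _name(data[9], data[10]))
    # SSLv2 record: 2-byte header with the high bit set, then a message type.
    if data[0] & 0x80:
        if data[2] == 1:  # CLIENT-HELLO: version follows the type byte
            return ("SSLv2 record", "ClientHello", _name(data[3], data[4]))
        if data[2] == 4:  # SERVER-HELLO: two flag bytes precede the version
            if len(data) < 7:
                raise ValueError("truncated SSLv2 SERVER-HELLO")
            return ("SSLv2 record", "ServerHello", _name(data[5], data[6]))
    raise ValueError("not an SSL/TLS hello")


# Constructed samples (headers only, bodies padded with zero bytes).
SAMPLES = {
    "sslv2 client": bytes([0x80, 0x2E, 0x01, 0x00, 0x02]) + bytes(8),
    "v2-format hello offering sslv3": bytes([0x80, 0x2E, 0x01, 0x03, 0x00]) + bytes(8),
    "sslv3 server": bytes([22, 3, 0, 0, 0x4A, 2, 0, 0, 0x46, 3, 0]) + bytes(8),
    "tlsv1 server": bytes([22, 3, 1, 0, 0x4A, 2, 0, 0, 0x46, 3, 1]) + bytes(8),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", classify_hello(raw))
```

The version in a ServerHello is the one the session will use, so that is the value to compare against the configured cryptography method.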

To initiate SSL/TLS sessions, an exchange of messages called the SSL handshake is required between two devices (Server and Client). The SSL/TLS protocol uses a combination of public-key and
