Overview, Supported protocols – Allied Telesis AT-S63 User Manual

AT-S63 Management Software Features Guide

Section IX: Management Security

449

Overview

The AT-S63 Management Software has a web server and a special web
browser interface that allow you to remotely manage the switch from a
management workstation on your network using a web browser. (For
instructions on the switch’s web browser interface, refer to the AT-S63
Management Software Web Browser Interface User’s Guide.)

The web server on the switch can operate in HTTP or HTTPS mode. A
management session conducted in the HTTP mode is not secure because
the packets are transmitted in plaintext, including the manager’s login
name and password. Should someone be monitoring the traffic on your
network during a management session, the security of the unit could be
jeopardize.

In contrast, a management session conducted in the HTTPS mode is
secure because the load in the management packets is encrypted with the
Secure Sockets Layer (SSL) protocol. This mode requires an encryption
key pair and a certificate. For background information, refer to Chapter 38,
“Encryption Keys” on page 453 and Chapter 39, “PKI Certificates and
SSL” on page 463.

The default setting for the web server is disabled, with the non-secure
HTTP mode as the default active mode.

For background information and guidelines on remote management, refer
to the Starting an AT-S63 Management Session Guide.

Note

To use HTTPS in an enhanced stack, all switches in the stack must
use HTTPS. For further information, refer to “SSL and Enhanced
Stacking” on page 469.

Supported

Protocols

The switch supports the following HTTP and HTTPs protocols:



HTTP v1.0 and v1.1 protocols



HTTPS v1.0 and v1.1 protocols running over SSL

The switch supports the following SSL protocols:



SSL version 2.0



SSL version 3.0



TLS (Transmission Layer Security) version 1.0