Security Options
You can configure SafeLinx to use several different security mechanisms to protect network resources.
The following figure shows the options that you can use to protect and secure network
communications. To better understand what you can do to secure your network, use the figure together
with the planning and configuration information in the table that follows it.
Identifier in preceding figure | Description | Planning information | For configuration information, see |
---|---|---|---|
1 | Transport Layer Security (TLS) connection between web browser and secure application server | Not applicable | Not applicable; automatically provided by web browser |
2 | Wireless optimized link protocol (WLP) | Based on PPP, but modified to support wireless and WAN communications, WLP
negotiates parameters for establishing, authenticating, securing, and optimizing VPN connections
between the SafeLinx Server and the SafeLinx Client. See Authentication between the mobile access service and SafeLinx Clients and Encryption between the mobile access services and SafeLinx Clients |
Automatically provided by connection between SafeLinx Server and SafeLinx Client. For information about configuring the type of authentication that is used, see Connection and transport profiles. |
3 | TLS connection between HTTP client and HTTP access services | You can configure TLS connections for each endpoint: the HTTP client and the HTTP access services. The HTTP client endpoint configuration depends on the implementation of the client software and is not explained in this document. | Configuring secure connections between HTTP access services and clients |
4 | RADIUS, LDAP-bind, or certificate-based authentication server | See Third-party authentication to the SafeLinx Server. | Adding authentication profiles |
5 | TLS connection between access manager and SafeLinx Administrator | See Securing communications between the SafeLinx Administrator and the access manager. | Securing communications between the SafeLinx Administrator and the access manager and Adding a secure login profile |
6 | TLS connection between HTTP access services and secure application server | You can configure TLS connections for each endpoint: HTTP access services and secure HTTP servers. | Configuring secure connections between HTTP access services and internal application servers |
7 | TLS connection between the mobile access services and applications that use the Messaging Services and Push APIs | See Authentication and encryption between messaging services and applications that use messaging services and Push APIs | Configuring TLS certificates for message processing applications |
8 | TLS connection among cluster managers | See Authentication and encryption among cluster managers | Securing communications among SafeLinx Servers in a cluster |
9 | TLS connection between SafeLinx Client and HTTPS mobile network connection (MNC) | See Authentication between the mobile access services and Mobility Clients and Encryption between the mobile access services and SafeLinx Clients | Configuring secure connections between mobile access services and SafeLinx Clients |