Use the Proxy section to enable proxy use for Reflection Secure Shell sessions.
The options are:
|
None |
No proxy is configured. (This is the default.) |
|
SOCKS |
Select SOCKS to configure a Secure Shell connection through a SOCKS proxy. |
|
HTTP |
Select HTTP to configure a Secure Shell connection through an HTTP proxy. |
|
Configure |
Configure proxy server settings. |
NOTE:
For Secure Shell connections, proxy use is enabled for the currently specified SSH config scheme using the Proxy setting in the Secure Shell configuration file. The proxy server address is stored in the Windows registry on a per-user basis and applies to all Secure Shell sessions.
In the Reflection FTP Client, the Security Properties dialog box includes tabs for both SOCKS configuration and Secure Shell configuration. You cannot use the SOCKS tab of the Security Properties dialog box to configure SOCKS proxied connections when you have enabled Use Reflection Secure Shell on the Secure Shell tab. To configure your SOCKS proxy, use the SOCKS setting on the Proxy tab of the Reflection Secure Shell Settings dialog box.
Use Reflection security proxy and related settings are visible for sessions that are managed on a centralized management server. When you set up sessions on this server, you can configure them to connect to your host via the Security Proxy included in the centralized management server. You can use this Security Proxy to configure secure connections even if your host is not running an SSL/TLS-enabled Telnet server.
NOTE:
When the Security Proxy is used, the connection between the client and the Security Proxy server is secured and encrypted using the SSL/TLS protocol.
If you configure sessions that connect through the Security Proxy with authorization enabled, users must authenticate to the centralized management server before they can connect using these sessions. This can be accomplished by the default login prompt or by setting up the centralized management server for Single Sign On.
Use Reflection security proxy
Configure this session to use the Security Proxy for the server connection.
Security proxy server and destination host
|
Security proxy |
Select the proxy server name from the drop-down list, which shows available servers. |
|
Proxy port |
Select the proxy server port from the drop-down list. |
|
Destination host |
If client authorization is enabled on the Security Proxy, enter the destination host name. If client authorization is not enabled, this box is read only. When you select a security port, the destination host configured to use that port is displayed automatically. |
|
Destination port |
If client authorization is enabled on the Security Proxy, enter the destination host name. If client authorization is not enabled, this box is read only. When you select a security port, the destination port and destination host are displayed automatically. |
Security proxy SSL/TLS settings
|
Encryption strength |
Specify the desired level of encryption for SSL/TLS connections. The connection will fail if this level cannot be provided. If you select Default, any encryption level is permitted, and your client will negotiate with the host system to choose the strongest encryption level supported by both the host and the client. If you are running in FIPS mode and select Default, the negotiation will allow only FIPS compliant encryption levels. NOTE:The effective encryption strength of the established connection may not match the value you select here. For example, 168 bit encryption uses 3DES cipher suites, which use a 168 bit key length, but provide an effective security of only 112 bits. |
|
SSL/TLS version |
Specifies which SSL or TLS version to use. |
|
Retrieve and validate certificate chain |
Specifies whether certificates presented for host authentication are checked to determine if they are valid and signed by a trusted CA. CAUTION:Disabling this option can make connections vulnerable to man-in-the-middle attacks, which could compromise the security of the connection. |
Security server performs encryption and user authorization
|
Proxy cipher suites |
A read-only list of cipher suites supported by this proxy host and port. This list is only visible when the product is launched from the Administrative WebStation (included with centralized management server). |
Security proxy client authentication
|
Find certificate for authentication |
When selected, all available personal certificates are presented to the server for client authentication. |
|
Use selected certificate for authentication |
Select to specify a particular certificate for client authentication. |