Vulnerability Description The bug is in OpenSSL’s implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server. For more details, please refer to: http://heartbleed.com/ 1) Updating the Hardware & Virtual Appliance Appliance Software Versions Affected : v7.5, v7.5.1, v7.5.2, v7.5.3, v7.5.4 Hotfix Details : The hotfix includes a recompiled version of OpenSSL with the compile option “-DOPENSSL_NO_HEARTBEATS” which mitigates the vulnerability
SSL Offload Testing with HAProxy and Stunnel
There are a lot of SSL offload throughput statistics available for appliances across the internet but rarely do they detail the way they were tested we at loadbalancer.org wish to change that. What is SSL offloading/SSL Termination? SSL offloading is the process of moving SSL traffic decryption and encryption away from your web servers onto a centralised device, be it a loadbalancer or specific SSL offloading hardware
SSL Termination & The BEAST
Over the last few weeks we have seen more and more users reporting that they have run a security check on the SSL certificate thats installed on their Loadbalancer appliance using the Trustworty Internet Movement web site (https://www.trustworthyinternet.org/ssl-pulse/). The idea behind the site is basically to test as many SSL certificates on the Internet as
SonicWALL Virtual Assist is Easy
Is it easy to deploy Virtual Assist on a SonicWALL SSL VPN Appliance? Upa Hazarika, Product Manager, SonicWALL
Policy Control with SonicWALL Aventail SSL VPNs
Spend a few minutes with Chris learning about the security policy control capabilities in SonicWALL Aventail SSL VPNs. Chris Witeck, Director of Product Management, SonicWALL