FTP Outbound Node Definition - Security

Use this screen to define the secure connection requirements for your internal FTP server. FTP Netmap Inbound Node Definition - Security fields are defined in the following table:

Field Name

Description

Secure Connection

Enable Secure Connection to enable the use of an SSL or TLS protocol to enable an SSL or TLS protocol to provide secure communications with transport protocols and to ensure that data is secured as it is transmitted across a single socket.

Security Setting
Security Setting identifies the security protocols enabled for connections to this node. Options include the following security protocols:
  • SSLv3
  • SSLv3 with v2 Hello
  • SSLv3 or TLSv1
  • SSLv3, TLSv1, 1.1, or 1.2
  • TLSv1
  • TLSv1.1
  • TLSv1.2

Trust Store

Location where trusted CA certificates are stored. CA certificates verify that a certificate received from a server is signed by a trusted source.

CA Certificate /Trusted Root

CA Certificate/Trusted Root identifies the trusted certificate to use to authenticate the certificate presented by the client. You select a CA certificate or trusted root from the list of certificates stored in the trust store you selected in the Trust Store field. When a client presents a certificate to establish a secure connection, the trusted root certificate, located at the server, must match or be the entity that signed the certificate presented by the client during the SSL handshake.

Key Store

Key Store identifies the location where the key certificates you want to use are stored.

Key/System Certificate

Certificate presented by Secure Proxy to the node to authenticate itself during the SSL handshake. Select the certificate to use for the node from the list that contains the key or system certificates stored in the key store selected in the Key Store field.

Available Cipher Suites

Available Cipher Suites is the list of ciphers that can be enabled to encrypt data that is transmitted during a secure SSL or TLS connection. Available cipher suites differ depending upon which version of SSL or TLS is selected. For more information about which ciphers are available for which versions of a security protocol, see Cipher Suites Supported.

Ensure that at least one cipher is enabled. To enable a cipher, highlight it and click Add. To enable multiple ciphers, highlight the ciphers to enable and click Add.

Selected Cipher Suites

Cipher you have enabled to encrypt data during a secure SSL or TLS connection. A cipher suite is negotiated during a secure channel connection between a client and a server. Ciphers are negotiated based on their location in the Selected Ciphers list. To reorder a cipher in the list, highlight the cipher to reorder and click the Up or Down button.

Clear Control Channel

Enable Clear Control Channel to allow an inbound or outbound node to use an unencrypted control channel for commands after the SSL or TLS handshake is complete. The data channel for file transfers will still be encrypted.