SSL Enforcer Documentation



Similar documents
User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

DOE VPN Client Installation and Setup Guide March 2011

Maintenance Guide. Outpost Firewall 4.0. Personal Firewall Software from. Agnitum

User guide. Business

Important Notes for WinConnect Server VS Software Installation:

ez Agent Administrator s Guide

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Hosted Microsoft Exchange Client Setup & Guide Book

Mondopad v1.6. Quick Start

isupplier PORTAL ACCESS SYSTEM REQUIREMENTS

13.1 Backup virtual machines running on VMware ESXi / ESX Server

Intel Unite Solution. Standalone User Guide

Global VPN Client Getting Started Guide

ECA IIS Instructions. January 2005

Setting Up SSL on IIS6 for MEGA Advisor

Aventail Connect Client with Smart Tunneling

Hosted Microsoft Exchange Client Setup & Guide Book

FAQ. How does the new Big Bend Backup (powered by Keepit) work?

Immotec Systems, Inc. SQL Server 2005 Installation Document

How To Sync Google Drive On A Mac Computer With A Gmail Account On A Gcd (For A Student) On A Pc Or Mac Or Mac (For An Older Person) On An Ipad Or Ipad (For Older People) On

Interact for Microsoft Office

Configuring the WT-4 for ftp (Infrastructure Mode)

Aspera Connect User Guide

client configuration guide. Business

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

ProxyCap Help. Table of contents. Configuring ProxyCap Proxy Labs

OrgChart Now SSL Certificate Installation. OfficeWork Software LLC

Configuring the WT-4 for ftp (Ad-hoc Mode)

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

NAS 107 Introduction to Control Center

M86 Web Filter USER GUIDE for M86 Mobile Security Client. Software Version: Document Version:

Deploying Windows Streaming Media Servers NLB Cluster and metasan

Magaya Software Installation Guide

Apple Mail Outlook Web Access (OWA) Logging In Changing Passwords Mobile Devices Blackberry...

LH110 Series DVR: Frequently Asked Questions

NETGATE Data Backup. User Manual. Document version 1. 1 EN ( ) Copyright (c) 2010 NETGATE Technologies s.r.o. All rights reserved.

Installing Microsoft Outlook on a Macintosh. This document explains how to download, install and configure Microsoft Outlook on a Macintosh.

Mechanics Bank Mobile Banking Mobile Finance Manager (MFM) Application Palm Treo Installation

SQL Server 2008 R2 Express Edition Installation Guide

Media Server Installation & Administration Guide

Configuring Network Load Balancing with Cerberus FTP Server

Configuring your client to connect to your Exchange mailbox

QUICK START GUIDE MONDOPAD/WIN

Mechanics Bank Mobile Banking Mobile Finance Manager (MFM) Application Windows Mobile Phone Installation

Installing the Microsoft Network Driver Interface

WhatsUp Gold v16.3 Installation and Configuration Guide

Initial Setup of Mozilla Thunderbird with IMAP for OS X Lion

SecureAware on IIS8 on Windows Server 2008/- 12 R2-64bit

IsItUp Quick Start Manual

You may have been given a download link on your trial software . Use this link to download the software.

If you have questions or find errors in the guide, please, contact us under the following address:

Important Notes for WinConnect Server ES Software Installation:

NAS 323 Using Your NAS as a VPN Server

Sophos for Microsoft SharePoint startup guide

Sophos UTM. Remote Access via IPsec Configuring Remote Client

BASIC CLASSWEB.LINK INSTALLATION MANUAL

Proxifier for Mac OS X v2.0 User Manual

PREFACE iss.01 -

Changing Your Cameleon Server IP

Virtual Office Remote Installation Guide

Sophos Endpoint Security and Control standalone startup guide

Elluminate Live! Access Guide. Page 1 of 7

Vulnerability Remediation Plugin Guide

How To Run Paragon Boot Camp Backup On A Mac Computer (Windows) On A Pc Or Mac (Windows 2) On An Ntos 2 (Windows 3) On Your Computer Or Ipad (Windows 1) On Pc Or Ipa

RIAS stands for Remote Installation Assistance Service by NT-ware to remotely assist you on-site and on-demand. RIAS sessions are useful to guide you

User Guide: Manual Migration on Thunderbird for OS X

QUANTIFY INSTALLATION GUIDE

For Windows XP 64 bit

Ocularis Media Server Installation & Administration Guide

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

Xerox 700 Digital Color Press with Integrated Fiery Color Server. Utilities

Web-Access Security Solution

ManageEngine IT360. Professional Edition Installation Guide.

ThinPoint Quick Start Guide

IIS 6.0SSL Certificate Deployment Guide

Kaspersky Security Center Web-Console

WatchGuard Mobile User VPN Guide

Home Internet Filter User Guide

ISL AlwaysOn 1.0 Manual

An additional website URL has been added to the districts website address making this gateway easy to access and bookmark for future use.

Working Folder Linkage Setup Guide

2X ApplicationServer & LoadBalancer Manual

NSi Mobile Installation Guide. Version 6.2

Safe internet for business use: Getting Started Guide

Exchange 2013 mailbox setup guide

Outlook 2010 Setup Guide (POP3)

SSL Intercept Mode. Certificate Installation Guide. Revision Warning and Disclaimer

4cast Client Specification and Installation

This works very well for situations where all computers are within the same LAN and can access both the SQL server and the network shares.

Virtual Owl. Guide for Windows. University Information Technology Services. Training, Outreach, Learning Technologies & Video Production

Initial Setup of Microsoft Outlook 2011 with IMAP for OS X Lion

OUTLOOK ANYWHERE CONNECTION GUIDE FOR USERS OF OUTLOOK 2010

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

Sophos SafeGuard Native Device Encryption for Mac Administrator help. Product version: 7

Installing LearningBay Enterprise Part 2

User Manual. User Manual Version

PhoneCrypt Desktop. Phone Encryption Software. PhoneCrypt Manual Mobile phone encryption for Windows Platforms

NAS 208 WebDAV A Secure File Sharing Alternative to FTP

Installing and Configuring vcenter Multi-Hypervisor Manager

Transcription:

SSL Enforcer Documentation Introduction Install and Uninstall Getting Started Main Settings Options Log Introduction Today a vast majority of Internet activities like social networking, streaming videos, messaging are based on HTTP protocol. Unfortunately, it does not provide encryption by default so your data including sensitive details like passwords, private information, etc can be intercepted. This can also compromise your privacy because your activities can be tracked by a third party. All these problems can be addressed by HTTPS protocol that provides encryption based on SSL/TLS secure connection. The number of resources that are available through HTTPS is constantly growing but it will take a long time until unsecure HTTP becomes obsolete and disabled by default. Since both protocols coexist, it is hard to make sure that all connections go through secure SSL/TLS channels. Modern Internet applications provide little control over this. No options exist on the operating system level as well. SSL Enforcer solves this problem and provides you with a flexible control over HTTP/HTTPS connections. Depending on your scenario, it can block all unsecure HTTP connections, check for secure alternatives and redirect the connections accordingly. The processing takes place on the system level, so it ensures no data leaks. It is fully transparent for user applications. In the optional best-effort mode, SSL Enforcer redirects to HTTPS only when it is available on the server. Connection check happens in the background so there is no interruption for the user application.

Install and Uninstall SSL Enforcer is available as a download package at web site. It can be installed on Microsoft Windows 7, 8, 8.1, 10 (32- or 64-bit editions) and Apple Mac OS X 10.6-10.10. On Windows, run SSLEnforcerSetup.exe setup program and follow the steps of installation wizard. On Mac, unzip and copy SSL Enforcer.app to /Application folder on your Mac. You can uninstall SSL Enforcer at any given time. On Windows, use Start >SSL Enforcer >Uninstall SSL Enforcer program or Windows Control Panel. On Mac, move SSL Enforcer.app to Trash. Either of these actions will completely remove SSL Enforcer from your system. Getting Started When you start SSL Enforcer, it runs at the background and adds its icon to the system tray on Windows or menu bar on Mac. To open main window, click this icon (Microsoft Windows). Or right-click the icon and select Preferences from the menu (Mac OS X). By default, SSL Enforcer works in Strict Mode. It blocks all unsecure HTTP connections that go to the predefined ports 80, 88, 3128, 8080-8088 for all applications (you can change this at Options). In the same time, it checks for HTTPS availability and redirects the connection automatically if possible. If HTTPS is not available for the requested resource, your browser will display an error page generated by SSL Enforcer. Here you can get a detailed information about the problem and add the target to the exclusion list.

In the main window, you can change any settings on the fly. Additional options are available through Options... button. Show Log opens the log window. Use On/Off toggle to enable/disable SSL Enforcer. To quit the program, right-click on the SSL Enforcer icon and select Exit from the context menu. Main Settings To open the main window, use SSL Enforcer system tray icon. The window contains all main controls of the program. All changes to these settings will be effective immediately. There is no need to restart SSL Enforcer. On/Off toggle allows you to enable/disable SSL Enforcer without quitting the program. Autolaunch at login starts SSL Enforcer automatically on Windows startup (user login). Options... button opens a window with additional options. Show Log... button shows the log window where you can monitor for the network events in real time. Some of the controls are also available through the context menu that can be opened by a right-click on the system tray icon. In the main window you can switch between two distinct working modes Strict Mode and Best-Effort Mode.

Strict Mode When this mode is enabled, SSL Enforcer blocks all unsecured HTTP connections (subject to the exclusions set at Options). This provides the best security and ensures no data leaks over unencrypted channel. Additionally you can make SSL Enforcer to Check HTTPS availability for the requested resource. The check involves comprehensive test of SSL/TLS connection, alternative hostnames (with and without www prefix), dead loop redirects, etc. Check results for each host are cached for several minutes to avoid multiple checks of the same resource within a short time. In case of a problem, the result of the check will be printed in the browser and the log. In many scenarios, it is convenient to Redirect to HTTPS automatically. If this option is enabled and HTTPS is available for the resource, your work will not be interrupted as the redirection is transparent for the user applications like browser. If this option is not set, SSL Enforcer generates a page with a prompt like this in your browser. Best-Effort Mode In this mode, SSL Enforcer redirects to HTTPS only when it is available for the requested resource. All processing including the check, waiting and redirect (if possible) is transparent for the user application. This allows you to add more security for all your Internet activities. SSL Enforcer will ensure that your data travels through encrypted channels whenever is available. In the same time, you can still access resources that do not support HTTPS. The only drawback is some additional delay needed for SSL/TLS check. Although this is an issue only when the host is requested for the first time. After that, the results will be instantly retrieved from SSL Enforcer cache. Another problem is that some hosts may have SSL/TLS available while the web site is not properly configured for HTTPS. Options Options window is available through the click on the Options... button at the main window. It allows you to fine-tuning SSL Enforcer. The changes to the settings will be activated upon the click on OK button.

Ports This field allows you to specify the list of the TCP ports that SSL Enforcer monitors for HTTP connections. Use semicolon (;) to separate particular ports or port ranges. Example: 80; 88; 3128; 8080-8088; Process Exceptions Add process names here that you do not want to be handled by SSL Enforcer. All connections of such processes will completely bypass SSL Enforcer. Use semicolon (;) as a separator. Omit the path. If the name contains spaces, wrap the name in double-quotes ( ). Example: example.exe; long name app.exe ; You can add or remove a process from the list if you click on it at the Log window. Host Exceptions Add host names here that you do not want to be handled by SSL Enforcer. All connections to these hosts will completely bypass SSL Enforcer. Use semicolon (;) as a separator. Wildcards (masks) are supported. Example: microsoft.com; *.example.net; You can add or remove a host from the list if you click on it at the Log window or through web page generated by SSL Enforcer. Bypass certificate status (OCSP) requests When working with HTTPS some browsers try to validate SSL certificates through OCSP protocol. This is done to make sure that SSL certificate is still active and it is not revoked. The validation itself works through HTTP thus SSL Enforcer may prevent this connection. Since there is no user data leak during OCSP validation; it makes sense to keep this option enabled. This way SSL Enforcer will bypass OCSP requests so they will work as intended.

Log To open the log window click Show Log... button at the main window. SSL Enforcer outputs all network events to the log. It provides you with a detailed information about all SSL Enforcer activities. If you click on the highlighted item (process or host), you can add or remove it from the exclusion list that is also available at the Options. You can change the verbosity of the output through Screen Log Level control. In Verbose mode, SSL Enforcer outputs all events including information about connections that are not processed. This can be helpful for troubleshooting. Error messages are marked in red. Use Clear Display to clear the output. You can also make SSL Enforcer to write file log. To do this, set File Log Level to desired verbosity. To disable the log, set File Log Level to None. Use Set Log Folder and Open Log Folder to manage the log file. Settings will bring you to the main window of SSL Enforcer.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information