Educause Security Discussion mailing list archives
Re: paloalto firewall
From: Chris Edwards <chris () ENG GLA AC UK>
Date: Fri, 21 Dec 2007 10:58:25 +0000
As others have said, the device is performing a middle-person attack. For this to work you have to install a certificate on all your desktops. This is easier for some sites than others. And as Valdis says, those sites who already have a private SSL PKI setup (in other words a campus CA certificate already installed in everyone's browser) will not need to touch the desktops...
Current thread:
- Re: paloalto firewall Mike Corcoran (Dec 20)
- <Possible follow-ups>
- Re: paloalto firewall Alex (Dec 20)
- Re: paloalto firewall Jeff Holden (Dec 20)
- Re: paloalto firewall Mark Boolootian (Dec 20)
- Re: paloalto firewall Valdis Kletnieks (Dec 20)
- Re: paloalto firewall Chris Edwards (Dec 21)
- Re: paloalto firewall Jeff Holden (Dec 21)
- Re: paloalto firewall Gene Spafford (Dec 21)