Shulou(Shulou.com)06/01 Report--

When it comes to https, we have to mention http (HyperText Transfer Protocol), the most widely used network protocol on the Internet. Its technical architecture, protocol functions, protocol principles, Baidu or google are explained in detail. And https (Hyper Text Transfer Protocol over Secure Socket Layer) is mostly on this S, SSL encryption, it is generally understood that https means that http joins the SSL encryption layer to become a security-oriented http transmission. So what is SSL? SSL is an asymmetric encryption method that is widely used at present, and it is recognized that it cannot be cracked. Safe and easy to use, so it can be widely used, in addition to http, mail pop3,smtp,IM communication and so on, can be used, is a good encryption method. At first, https is usually used for financial transactions in financial websites, time is like water, time is like a song, IT technology is developing rapidly, and now many portals and corporate websites are gradually using https protocol, which is also a factual trend. The concept is this concept, so how does https monitor and manage it? The following instructions are for non-professional IT technicians and non-professional programmers. In order for everyone to understand, some narratives may be childish and superficial, please understand more.

How does 1.https monitor and manage it? we should start with the transmission of http. (the description is relatively superficial and unprofessional, just let everyone have a conceptual understanding, and too professional words can't be understood.) in order to better understand, let's first talk about http transmission, comparing A to the client and C to the website. A says I want an apple, and C passes an apple to A. at this time, it can be imagined that countless apples are running naked on the Internet.

Therefore, the professional online behavior management software with audit function on the market, the hardware can record HTTP web browsing links, domain names, titles. If you can't even do this, or just record a simple domain name, then this product has nothing to do with professional online audit, and many routes claim to have online audit function. Routing comes from routing chips, and it is almost impossible to audit the Internet.

two。 The following is about to explain the https transport, if the http transport is a streaking Apple, then the https transport is the locked Apple running, unlocked as long as the website side and the user side. At this time, there are many locks floating on the Internet, but I don't know whether the lock is an apple or an orange, and I can't solve it. This lock is SSL asymmetric encryption, and it can't be solved directly.

3.https can not solve, does not mean that there is no way, oh, there is a professional technology "man-in-the-middle technology" principle, the source code are open, but the quality of the work also depends on the technical research attitude and how much time and cost they are willing to spend on technology. Look at the picture and explain, (this middleman is two-faced, acting as the network side in front of the client, acting as the client in front of the network side, and encrypting the encrypted transmission between the network side and the client to the other side to obtain each other's key to parse the decrypted data.) the middleman technology used in HTTPS monitoring is not as common as it is used in SSL encryption. In the end, recording employees' web browsing is only tracking employees' online traces to analyze their work trends, information security, generally used in mail monitoring, so products with HTTPS monitoring programs can basically be monitored by client mail. Man-in-the-middle technology is not advanced technology, but it must be a professional technology.

4. Practical application: then in the practical application, what kind of products have such professional technology to be used for omni-directional network management? First of all, all routes are not allowed, man-in-the-middle technology is more resource-consuming, routing architecture and routing chips can not carry, at the high end, in the big brand, in how to say is the Internet behavior management route, there is no oh. Some are hardware firewalls, gateways, x86 architecture professional industrial computers, PC, or server series.

Man-in-the-middle technology is generally used in two aspects: local area network monitoring and professional hardware firewall. Professional hardware firewall uses man-in-the-middle technology, which is generally used for antivirus. Local area network monitoring is used to monitor HTTPS browsing and SSL encrypted email records. There are two very typical practical applications, the two of which have different emphasis. Unangel second-generation firewall focuses on firewall and filtering, and man-in-the-middle technology is applied in antivirus and filtering. WSG online behavior management gateway focuses on online behavior management and content audit, and man-in-the-middle technology is applied to content audit and filtering.

Untangel: the second generation firewall, professional firewall plus network management focuses on firewall and application website filtering. Price cattle products, the system is open, there are conditions can try, according to the website, they claim to be open source, but it is estimated that nonsense.

B.WSG online behavior management gateway, basic firewall plus network management focuses on online behavior records, as well as application filtering website filtering, intermediate technology is used in SSL email monitoring and HTTPS website monitoring, content filtering. People-friendly products, the system is open and technical conditions can be tested and used by users.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.