The transmission principle of the vernacular HTTPS, as well as the control method and SSL encryption!

When it comes to HTTPS, I have to mention HTTP (Hypertext Transfer Protocol), the most extensive network protocol on the Internet, with its technical architecture, Protocol features, Protocol principles, Baidu or Google, which are explained in detail. and HTTPS (Hyper Text Transfer Protocol over Secure Socket layer) More on this s, SSL encryption, usually understand that HTTPS is HTTP to join the SSL encryption layer into a security-targeted HTTP transmission. So what is SSL? SSL is an asymmetric encryption method that is widely used and is not universally recognized. Safe, and easy to use, so can be widely used, in addition to HTTP, Mail Pop3,smtp,im communication and so on, are able to use, is a good way to encrypt. At first, the use of HTTPS is usually a financial site for financial transactions, time such as water, years such as song, it technology, the rapid development of a day, many portals, corporate websites are gradually using the HTTPS protocol, this is also the trend of fact. Concept is the concept, then how does HTTPS monitor management? The following instructions are dedicated to non-professional IT technical personnel, non-professional code farmers. For everyone to understand, there may be some narrative more naïve and superficial, please understand.

1.https is how to monitor the management, but also from the transmission of HTTP speaking. (narrative relatively superficial, non-professional level, is to let everyone have a conceptual understanding on the line, too professional vocabulary pull up also do not understand intracavity) in order to better understand, first say HTTP transmission, will a compared to the client, C compared to the site side. A said I want apples, C will give a to an apple, this time can be imagined, the Internet countless apples are running naked.

So on the market professional with audit function online behavior management software, hardware can be recorded to the HTTP Web browsing links, domain names, titles. If not even this can not be done, or is to record a simple domain name, then this product and professional Internet audit does not take sides, many of the routes are also known as the Internet audit function, pull the call. Routing is a routing chip, almost impossible to audit the Internet.

2. The following is to explain the transmission of HTTPS, if the HTTP transmission is the bare apple, then the transmission of HTTPS is locked up Apple in the run, unlocked as long as the site and the user side. This time the internet is floating a lot of locks, but the lock inside is an apple or an orange do not know, can not be solved, this lock is SSL asymmetric encryption, direct solution is not solvable.

3.https can not, does not mean that there is no way oh, there is a professional technology "intermediary technology" principle, the source code are open, but do good or bad, but also look at the technical expertise of the attitude and willing to use how much time and cost to put on the technology. See figure explanation, (this middleman is double-faced, playing the network side in front of the client, playing the client in front of the network side, The network side and the client encrypted transmission of the Apple itself is also encrypted transmission to the other side to obtain the other side of the key to resolve to decrypt the data) intermediary technology used in HTTPS monitoring is not as common as the use of SSL encryption, in the end to record the employee's web browsing is only tracking employees online traces analysis of their work dynamics, Information security, generally used in the mail monitoring, so have HTTPS monitoring of the product, client mail basically can be monitored. Middleman technology is not advanced technology, but it must be a professional technology.

4. Practical application: Then in the actual application, what kind of products have such professional technology for all-round network management? First of all, all the routes are not, the middleman technology is more resource-intensive, routing architecture and routing chip can not carry, in the high-end, in the big, how to say that the Internet behavior management of the route, there is no OH. Some are hardware firewall, gateway, x86 architecture Professional Industrial computer, PC, or server series can be.

Middleman technology generally used in two aspects, LAN network monitoring and professional hardware firewall, professional hardware firewall with intermediary technology, is generally used for anti-virus. LAN network monitoring is used to monitor HTTPS browsing, as well as SSL encrypted mail records. There are two very typical practical applications, the two are exactly the same emphasis. Unangel second-generation firewall, focus on firewalls and filtering, middleman technology applications in anti-virus and filtering. WSG Internet Behavior Management Gateway, focusing on Internet behavior management and content audit, intermediary technology application in content auditing and filtering.

A,untangel: Second-generation firewall, professional firewall plus network management focus on firewalls and application site filtering. Price cattle products, system open, conditional can try, website introduction, they are known as open source, but estimated nonsense.

B.WSG Internet Behavior Management Gateway, Basic Firewall plus network management focus on the Internet behavior record, as well as the application of filtering site filtering, intermediate technology used in SSL mail monitoring and HTTPS website monitoring, content filtering. Pro-people products, system open with technical conditions users can test the use.

The transmission principle of the vernacular HTTPS, as well as the control method and SSL encryption!