Dell SonicWALL Secure Mobile Access 8.5Administration Guide 21Concepts for Secure Mobile AccessThis section provides an overview of the following key concepts that the administrator should be familiar withwhen using the SMA/SRA appliance and Secure Mobile Access web-based management interface:• Encryption Overview on page 21• SSL for Virtual Private Networking (VPN) on page 21• SSL Handshake Procedure on page 22• IPv6 Support Overview on page 22• Portals Overview on page 25• Domains Overview on page 25• Application Offloading and HTTP(S) Bookmarks Overview on page 25• Cross Domain Single Sign-On on page 29• ActiveSync Authentication on page 30• Network Resources Overview on page 35• SNMP Overview on page 40• DNS Overview on page 40• Network Routes Overview on page 40• NetExtender Overview on page 40• Two-Factor Authentication Overview on page 44• One Time Password Overview on page 46• End Point Control Overview on page 48• Secure Virtual Assist Overview on page 49• Web Application Firewall Overview on page 63Encryption OverviewEncryption enables users to encode data, making it secure from unauthorized viewers. Encryption provides aprivate and secure method of communication over the Internet.A special type of encryption known as Public Key Encryption (PKE) comprises a public and a private key forencrypting and decrypting data. With public key encryption, an entity, such as a secure Web site, generates apublic and a private key. A secure Web server sends a public key to a user who accesses the Web site. The publickey allows the user’s Web browser to decrypt data that had been encrypted with the private key. The user’s Webbrowser can also transparently encrypt data using the public key and this data can only be decrypted by thesecure Web server’s private key.Public key encryption allows the user to confirm the identity of the Web site through an SSL certificate. After auser contacts the SMA/SRA appliance, the appliance sends the user its own encryption information, including anSSL certificate with a public encryption key.SSL for Virtual Private Networking (VPN)A Secure Socket Layer-based Virtual Private Network (SSL VPN) allows applications and private networkresources to be accessed remotely through a secure connection. Using SSL VPN, mobile workers, businesspartners, and customers can access files or applications on a company’s intranet or within a private local areanetwork.