SteelHead™ SaaS User’s Guide
Preface
About This Guide
Audience
Document Conventions
Documentation and Release Notes
Contacting Riverbed
Overview of SteelHead SaaS
About SteelHead SaaS
System Components
Deployment Configurations
Direct Branch Internet Deployment
Back-hauled Internet Deployment
Deciding on a Deployment Configuration
New Features
Supported SaaS Providers
SteelHead SaaS Licensing
SaaS Connection and Bandwidth Limits
Compatibility with SteelHead Models
SteelHead SaaS Quick Start Checklist
Using the Riverbed Cloud Portal
Obtaining a Riverbed Cloud Portal Account
Logging in to and out of the Riverbed Cloud Portal
Managing Your Portal Account
Change Your Password
View Event History
Configure OAuth
View Portal News
Download Software
Access Riverbed Support
View Riverbed Cloud Portal Online Help
View Account Information
Viewing Your Service Summary
Viewing the Appliance Registration Key
Viewing SteelHead Service Status
Viewing Secure Peering Certificates
Viewing Licenses, Available SaaS Platforms, and Proxy Certificates
Viewing Cloud Accelerator Statistics
What This Report Tells You
Managing SteelHead SaaS
Controlling SaaS Optimization
Registering and De-registering Appliances on the Portal
Enabling and Disabling Optimization Services on Registered Appliances
Managing SaaS Platforms
Obtaining SaaS Optimization Details
Specifying General Settings
Specifying Certificate Settings
Configuring Cloud Acceleration on an Appliance
Configuring SteelHead SaaS
Prerequisites
Managing Ports Through a Firewall
Modifying Ports in a Port Label
Next Steps
Managing Certificates
SSL Certificates Overview
Prerequisites
Configuring Secure Peers
Viewing Cloud-Hosted Peering CA Certificates
Viewing Event Log
Configuring SaaS Proxy Certificates
Configuring SaaS Platform Settings
Configuring Cloud-Hosted CA Signed Proxy Certificates
Installing the Certificate in Firefox (Mac and Windows)
Safari and Google Chrome for Mac
Internet Explorer, Google Chrome and Safari for Windows
Configuring Customer CA Signed Proxy Certificates
Deploying SteelHead SaaS With Enterprise Proxy
Overview
Understanding Chained Interception
Configuring the First Optimization Phase
Prerequisites
Configuring Peer SSL Certificates
Importing the Internal Root Certificate
Enabling SSL Proxy Support
Enabling SSL Optimization
Intercepting SSL Proxy Requests
Modifying Ports in a Port Label
Configuring Peering Rules
Configuring the SteelHead Appliances for SaaS Providers
Configuring the SteelHead Appliances for Microsoft Office 365 (O365) With Outlook
HTTP Configuration for Browser-Based Applications
Verifying the First Optimization Phase
Configuring the Second Optimization Phase
Prerequisites
Managing Peer Certificates and Customer-Signed Proxy Certificates
Registering Appliances With the Riverbed Cloud Portal
Verifying the Second Optimization Phase
Troubleshooting
Enabling Info Logging Level
Cannot Invoke and run SteelHead SaaS
Solution #1
Solution #2
The connections are passed through because there is no SteelHead appliance on the path to the server
Solution #1
Solution #2
Some connections result in protocol errors
Solution
How do I know my traffic is redirected to the SRIP network?
Solution
The error message “Inner channel is not secure” appears
Solution
When I access the SaaS provider’s Website, my browser displays an error message about the SSL security certificate
Solution
A flow collector is configured to capture flow from the WAN port of my SaaS-enabled SteelHead; but the SaaS traffic is not being classified correctly, and the corresponding rbtpipeX_X is not displayed in the Capture Interfaces list
Solution
The rbtpipeX_X associated with a flow collector that is configured to capture SaaS flow continues to be displayed in the Capture Interfaces list even though SaaS is disabled on the SteelHead
Solution
SteelHead™ SaaS User’s Guide
The rbtpipeX_X associated with a flow collector that is configured to capture SaaS flow continues to be displayed in the Capture Interfaces list even though SaaS is disabled on the SteelHead