Sophos Firewall

Discussions TLS 1.2 support for SMTP mail filter

Sophos Firewall requires membership for participation - click to join

Thread Info

State Not Answered
+1 person also asked this people also asked this
Locked Locked
Replies 1 reply
Subscribers 27 subscribers
Views 1867 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

TLS 1.2 support for SMTP mail filter

Tom Maguire over 6 years ago

We have set up Sophos XG to route incoming emails to our Office 365 tenant (which is working perfectly) however we are failing our security audit as the protocols supported by the mail filter are TLSv1.1 and TLSv1.2 using weak ciphers (see below).

Is there a way (in the GUI or CLI) to disable TLSv1.1 and give TLSv1.2 stronger ciphers (along with perfect forward secrecy support)?

This thread was automatically locked due to age.

0 Tom Maguire over 6 years ago

UPDATE:

So upgrading the Sophos XG to firmware v17.5.3 (MR3) gives us more ciphers for TLSv1.2 - but there is still no PFS (perfect forward secrecy) support.
Cancel
Vote Up 0 Vote Down

Cancel