Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 27 subscribers
  • Views 9851 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG115 - need to disable SSLv3 and TLSv1 from outside connections. External vulnerability scans show port 443 can be attached with outdated protocols.

Charles Ghent

XG115 - need to disable SSLv3 and TLSv1 from outside connections. External vulnerability scans show port 443 can be attached with outdated protocols.

We can disable unrecognized SSL protocols on the web protection, but that is not securing the firewall from external threats.



This thread was automatically locked due to age.
Parents
  • 0

    As a note, we are running on FW 16 atm. We wanted to go to 17, but we have a number of clients with IPSEC connections that would be affected by the new bugs introduced re: continually dropping/reporting up/CPU usage.

     

    We need some kind of resolution for this - it is exposing all of our clients to external vulnerabilities and if we upgrade, to be unable to function for their normal day-to-day activities.

     

    Rock <--> hard place

  • 0 in reply to Charles Ghent

    As a note, even in the V17 firmware, TLSv1 is NOT disabled. Also some of the weaker DES ciphers are still enabled.

Reply Children