Sophos Ideas / Secure Web Gateway

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Suggest an Idea...

← Secure Web Gateway

Disable deprecated SSL/TLS Versions

When using SSL-Inspection, it should be possible to deaktivate outdated TLS-versions like TLSv1.0 / 1.1.
It is recommended to disable SSLv3/ TLSv1.0 / 1.1 in the browser settings. This setting is useless, however, as the SWA always uses SSLv1.2 in the direction of the client.
So it can happen that a website with TLSv1.0 is requested, which is transferred to the client, on which TLSv1.0 is deactivated, with TLSv1.2.
That's a security problem.

5 votes
Sign in Sign in with: Log in with your Sophos ID
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Steffen Schmid shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in Sign in with: Log in with your Sophos ID
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Peter commented  ·   ·  Flag as inappropriate

    it should be easy enough to restrict the outbound HTTPS connection to the same cipher suites as the inbound HTTPS connection, this would then ensure the connection is secure along both legs EUD->SWG->SITE

Secure Web Gateway: Web Appliance

Categories

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.