SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

Can we switch of the ssl weakness for WAF. Please do a server test at www.ssllabs.com and type a url from a site behind the WAF.

Can we switch of the ssl weakness for WAF. Please do a server test at www.ssllabs.com and type a url from a site behind the WAF. you get this for all ssl v ersions

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK 112
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) DH 2048 bits FS WEAK 112
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK

12 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)
Submitting...
  • FosterDoug commented  ·   ·  Flag as inappropriate

    In 9.4, this can be remedied with changes made at the shell level -- Call support for particulars. In 9.4, official postings in the community forum indicate that some hardware configurations of 9.5 will have the ability to change encryption settings from the UI. Of course, 9.5 needs to stabilize before updating to get this feature..

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.