SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

WAF - VWS - TLS version setting

35 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)

We’ll send you updates on this idea

Benedikt Wehr shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

6 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)
Submitting...
  • Hans commented  ·   ·  Flag as inappropriate

    Agreed, I have an old zimbra mail server that works perfectly over the last 10 years.
    I have no problems using tls1.0 just for this server.

  • Joe commented  ·   ·  Flag as inappropriate

    Agreed, if nothing else... we like to test setting changes on a test server first before implementing on production. This isn't possible when we are limited to a single global variable. This has already bitten us once on a WebSphere issues that could have easily been worked out ahead of time had we been able to test the setting first on a non-production server.

  • Anonymous commented  ·   ·  Flag as inappropriate

    This feature was removed by Sophos without any notice!
    That is a big problem for us, as we can no longer force TLS > 1.0 on individual domains.
    We do not understand that Sophos is just removing features from there product. What is next?

  • Anonymous commented  ·   ·  Flag as inappropriate

    I absolutely agree. I need to enforce TLS 1.2 for our PCI-DSS applications and need to allow TLS 1.1 for some legacy clients accessing different applications.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Why is it not possible anymore to change the settings for TLS for each virtuell server? When there are some client which can only work with tls 1.0 the whole system must run wich 1.0. Other products have such setting for every service!

  • Anonymous commented  ·   ·  Flag as inappropriate

    if you use RD Gateway you need to set TLS 1.0 otherwise it won´t work.
    2 Possible scenarios:
    - get RD Gateway support to work with RemoteFX and TLS 1.2
    - change TLS Setting per Virtual Webserver

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.