mattm
My feedback
-
7 votes
mattm supported this idea ·
-
7 votes
mattm supported this idea ·
-
11 votes
mattm supported this idea ·
-
71 votes
This is being implemented in v17 as a UI configurable option.
Note though, that PCI standards enforcing this requirement do not go into effect until mid-2018. Any audit failures due to crypto strength, prior to then, are premature.
mattm commented
The granular control of cipher suites and encryptions protocols is a growing need as automated scanning and compliance becomes more prevalent.
I'm fine with not having a web UI that allows complete configuration so long as there's comperehensive online documentation about how to perform configuration from the CLI.
mattm supported this idea ·
-
613 votes
We’re considering this
mattm supported this idea ·
-
55 votes
mattm supported this idea ·
I too have a requirement to be able to pass Client Authentication Certificates from users outside the LAN to Webservers hosted through Web Server Protection.
Presently it seems to Sophos simply ignores Client Certificates.