

How to set Ciphers used by WAF?

Hello,

 

recently I've scanned my website with SSL Labs, and I've seen that the XG 18.0 WAF allows some ciphers that are marked as weak. How do I configure the ciphers used by the WAF of XG 18.0?

 

Regards, Dwayne Parker



  • Hi,

     

    any news on this topic?

    I would also be glad if you could help investigate this and post an official answer here!

    _______________________________________________

    Sophos XG User

  • If you are a Home User, feel free to simply modify the reverseproxy.conf and remove those ciphers. 

    The same process, other people did after Poodle appeared. 

    https://community.sophos.com/products/unified-threat-management/f/web-server-security/50265/poodle---how-to-disable-sslv3

     

    I am not sure where to find the reverseproxy.conf in XG, but you should be able to figure it out. 

    __________________________________________________________________________________________________________________

  • LuCar Toni said:
    I am not sure where to find the reverseproxy.conf in XG, but you should be able to figure it out. 

    /cfs/waf/reverseproxy.conf



    Ryzen 5600U + I226-V (KVM) v21 GA @ Home

    Sophos ZTNA (KVM) @ Home

  • Hi Dwayne,

    I'll follow up with the team to investigate this further.

    Thanks!


    Florentino
    Director, Global Community & Digital Support

  • Hi @Dwayne Parker

    Here is the response from the development and security team here at Sophos regarding the cipher list available in XG for the WAF:

    Strong ciphers

    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
    • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)
    • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)

    Weak ciphers

    • Because CBC is used
      • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
      • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b)
      • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
      • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67)
    • Because SHA1 is used (in addition to CBC)
      • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
      • TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)
      • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
      • TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)
    • Because no forward secrecy is offered (some also use CBC and/or SHA1)
      • TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)
      • TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)
      • TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)
      • TLS_RSA_WITH_AES_256_CBC_SHA (0x35)
      • TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)
      • TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)

    Regarding when "CBC is used"

    According to the security team: "CBC being offered is ok as long as it's a strong cipher. That is, no 3DES ciphers offered". All offered ciphers are strong in this regard (e.g. no 3DES is offered).

    Conclusion: Leave it as it is

    Regarding "SHA1 is used"

    This is considered OK because SHA1 is used as HMAC-SHA1 which is not broken (unlike pure SHA1). All offered ciphers are strong in this regard.

    Security team: "While SHA1 is broken, HMAC-SHA1 is not broken. Assuming that the HMAC key is not known to the attacker, HMAC-SHA1 is not susceptible to the same collision attacks that SHA1 is. If the attacker has the HMAC key, he has broken HMAC itself, no matter if it is HMAC-SHA1 or HMAC-SHA2."

    Conclusion: Leave it as it is

    Regarding "no forward secrecy is offered"

    The overall SSL Labs rating does not change if the non-forward secrecy ciphers are removed.

    SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!aNULL:!MD5:!DSS
    

    We might lose support for less capable clients if we remove the non-forward secrecy ciphers. Clients that support forward secrecy will prefer the forward secrecy ciphers anyway.

    Conclusion: Leave it as it is as it has no impact on clients that support forward secrecy but widens the support for less capable clients

     

    As you can see if you remove the CBC ciphers from the list, you are limiting the client pool that can connect to your WAF instance.

    If you would like to remove various ciphers, the file to edit is located here:  /usr/apache/conf/httpd.conf

    You need to put the system into read/write mode: mount -no remount,rw /

    Then edit the above file with VI and remove the SSL cipher suite offered in this line: SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:ECDH+3DES:DH+3DES:RSA+3DES:!aNULL:!MD5:!DSS

    Please note that when WAF is set to use TLS1.2, 3DES ciphers are not offered to the client.

    I hope this answers everyone's question surrounding this.

    Thanks!

    KingChris
    Community Support | Sophos Support

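The following Python script is an added example and is not code from the thread or from Sophos. It does two things the thread only describes in prose: it flags a TLS 1.2 cipher suite name by the three criteria KingChris's post uses (CBC mode, HMAC-SHA1 as the MAC, static RSA key exchange without forward secrecy), and it rewrites an Apache-style SSLCipherSuite directive by dropping whole ':'-separated families, so you can see exactly which tokens the post's suggested edit removes. The heuristics rely on IANA suite naming (a bare `_SHA` suffix means HMAC-SHA1; `TLS_RSA_WITH_` means static RSA key exchange). The httpd.conf fragment and the non-cipher directives in it are constructed for the example; the only real values are the two SSLCipherSuite strings quoted in the thread.

```python
"""Added example: classify TLS cipher suite names by the thread's criteria and
rewrite an Apache SSLCipherSuite directive. Not the WAF's own code."""
import re

# Assumption: IANA TLS 1.2 names. Suites quoted in the thread are used as samples.
SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",   # strong
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",     # strong
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",   # CBC
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",      # CBC + SHA1
    "TLS_RSA_WITH_AES_256_GCM_SHA384",         # no forward secrecy
    "TLS_RSA_WITH_AES_128_CBC_SHA",            # all three
]


def weaknesses(suite: str) -> list:
    """Return why a suite is flagged, in the order the thread lists the reasons.
    An empty list means the suite belongs in the thread's 'strong' group."""
    reasons = []
    if "_CBC_" in suite:
        reasons.append("CBC")
    if suite.endswith("_SHA"):             # bare SHA suffix = HMAC-SHA1 MAC
        reasons.append("SHA1")
    if suite.startswith("TLS_RSA_WITH_"):  # static RSA key exchange, no (EC)DHE
        reasons.append("no forward secrecy")
    if "3DES" in suite:                    # not in the thread's list, but in the
        reasons.append("3DES")             # httpd.conf string below
    return reasons


# The SSLCipherSuite value the post says is in /usr/apache/conf/httpd.conf.
ORIGINAL = ("ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:"
            "RSA+AESGCM:RSA+AES:ECDH+3DES:DH+3DES:RSA+3DES:!aNULL:!MD5:!DSS")

# Families that are static-RSA (no forward secrecy) or 3DES; dropping them
# yields the shorter string the post shows under "no forward secrecy".
NO_FS_OR_3DES = ("RSA+AESGCM", "RSA+AES", "ECDH+3DES", "DH+3DES", "RSA+3DES")


def prune_cipher_string(value: str, drop=NO_FS_OR_3DES) -> str:
    """Remove whole ':'-separated families from an OpenSSL cipher string.
    Only exact family tokens are removed; '!' exclusions are never touched."""
    return ":".join(tok for tok in value.split(":") if tok not in drop)


# Match 'SSLCipherSuite <value>' lines, keeping indentation and any trailing text.
SSL_DIRECTIVE = re.compile(r"^(\s*SSLCipherSuite\s+)(\S+)(.*)$", re.MULTILINE)


def harden_httpd_conf(text: str, drop=NO_FS_OR_3DES) -> str:
    """Rewrite every SSLCipherSuite line in httpd.conf-style text in memory,
    so the result can be diffed against the original before it is written back."""
    return SSL_DIRECTIVE.sub(
        lambda m: m.group(1) + prune_cipher_string(m.group(2), drop) + m.group(3),
        text)


# Constructed sample; not the contents of the real /usr/apache/conf/httpd.conf.
SAMPLE_CONF = (
    "# constructed sample httpd.conf fragment\n"
    "SSLEngine on\n"
    "SSLProtocol all -SSLv3\n"
    f"SSLCipherSuite {ORIGINAL}\n"
)

if __name__ == "__main__":
    for s in SUITES:
        why = weaknesses(s)
        print(f"{s:42} {'strong' if not why else ', '.join(why)}")
    print(harden_httpd_conf(SAMPLE_CONF))
```

Running the script prints each sample suite with its reasons and the rewritten fragment, whose SSLCipherSuite line is exactly the shorter string from the post. Because the rewrite works on a string, the natural workflow on an appliance is to run it over a copy of the file and compare the two before replacing anything; the `!aNULL:!MD5:!DSS` exclusions survive untouched, which is the part that is easiest to damage when editing the line by hand in vi.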