Sophos UTM TLSv1.2 Support ??

Hello,

 

I use Sophos UTM version 9.702-1 and found this article here for PCI DSS compliance: https://community.sophos.com/kb/en-us/127420 I'm wondering, is the actual firmware version of the UTM not yet supporting TLSv1.2 or higher?



This thread was automatically locked due to age.
  • TLS 1.2 is supported in UTM 9.7

     

    Here's a snapshot from the SMTP TLS settings

     

  • Found this to remove TLSv1.1 from Webadmin and User Portal, which worked for me.

    root login:

    1.  cc
    2.  webadmin
    3.  tls_protocols$
    4.  =+TLSv1.2
    5.  exit

    Does anyone know how to change the cipher suites? Are there any other services that have to be changed manually to TLSv1.2?

     

    Thx

  • I hadn't thought of that, so thanks!  Rather than use cc interactively, I prefer to use the command line as root:

    cc set webadmin tls_protocols +TLSv1.2

    You can see the current ciphers with:

    cc get webadmin tls_ciphers

    What would you want to change?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

     

    Thanks for the information. I would just like to know what would be a strong cipher suite for TLSv1.2 for webadmin, and for WebProxy?

     

    Thx

    Sally

  • My guess is that the current choices are the best.  When we dealt with POODLE in 2014, I think Sophos then made permanent changes to the ciphers.

    Cheers - Bob

     
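
One way to review the value returned by `cc get webadmin tls_ciphers`, added here as an example and not code from any poster in this thread or from Sophos: expand the cipher string with Python's `ssl` module and flag suites that lack forward secrecy or AEAD. It assumes the UTM value is an OpenSSL cipher string; `SAMPLE_CIPHERS` is a constructed sample and `audit_cipher_string` is a hypothetical helper name.

```python
import ssl

# Constructed sample, NOT real UTM output. On the UTM, paste the value printed
# by `cc get webadmin tls_ciphers` (assumed to be an OpenSSL cipher string).
SAMPLE_CIPHERS = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:AES128-SHA"


def audit_cipher_string(cipher_string):
    """Expand an OpenSSL cipher string and list concerns per TLS <= 1.2 suite.

    Expansion uses the local OpenSSL build, so suites it does not know are
    dropped and the result can differ from what the appliance would offer.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    report = {}
    for suite in ctx.get_ciphers():
        # TLS 1.3 suites are configured separately and are always listed.
        if suite["protocol"] == "TLSv1.3":
            continue
        concerns = []
        # 'kea' is e.g. 'kx-ecdhe', 'kx-dhe' or 'kx-rsa'; only (EC)DHE key
        # exchange gives forward secrecy.
        if "dhe" not in (suite["kea"] or ""):
            concerns.append("no forward secrecy")
        if not suite["aead"]:
            concerns.append("not AEAD (CBC or stream mode)")
        if suite["strength_bits"] < 128:
            concerns.append("under 128-bit strength")
        report[suite["name"]] = concerns
    return report


if __name__ == "__main__":
    for name, concerns in audit_cipher_string(SAMPLE_CIPHERS).items():
        print(f"{name:32} {'; '.join(concerns) or 'ok'}")
```

A suite with an empty concern list uses (EC)DHE key exchange and an AEAD mode, which is the usual baseline for a TLSv1.2-only service.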