Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 2 subscribers
  • Views 3046 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Handling of TLS communication

Robert Eastman

We have client proposals that ask us specific questions about how secure our communication is from Client workstation to the endpoints and back.  We are in the process of a server hardening to remove TLS 1.0, 1.1, RC4 SSL3.0 etc on all of our internal servers.

We have an application that clients transfer files to internal staff and vice versa.  How does Sophos handle a TLS 1.0 request that might come thru.  Does it pass that request thru to the web server and if the web server accepts 1.0 the traffic will come thru?

Is UTM hardened to not allow TLS 1.0 or any other vulnerable protocol to come thru?



This thread was automatically locked due to age.
  • 0

    Hi, Robert, and welcome to the UTM Community!

    I assume that this is a question about Webserver Protection, so I'll move this thread to the "Webserver Security" forum.

    Although TLS 1.0 has been removed from the User Portal and WebAdmin access, it appears to still be allowed by the reverse proxy, so the current recommendation would be to do what you are doing by removing it on your servers.  There are many deprecated protocols, ciphers and algorithms that have been removed in various places, but TLS 1.0 is not yet officially dead for everything.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML