TLS 1.0

It was my understanding that the betas would include fixes to move both the UTM and RED devices to TLS 1.1 .  We are having huge issues with PCI compliance due to the TLS 1.0 currently in place.  After testing of beta 1 and 2, port 4444 appears to have been patched, however the RED listening port still shows TLS 1.0.  Anyone know more about this?

Parents
  • I don't know anything else on the subject but I'll just add my comment to say this does need to be fixed. One of the biggest reasons my company has not rolled out additional Sophos boxes is because of PCI compliance. Sophos is shooting themselves in the foot by eliminating potential customers that requiring the very common PCI Compliance. Personally I think PCI Compliance should be a built in update just like SNORT rules.

Reply
  • I don't know anything else on the subject but I'll just add my comment to say this does need to be fixed. One of the biggest reasons my company has not rolled out additional Sophos boxes is because of PCI compliance. Sophos is shooting themselves in the foot by eliminating potential customers that requiring the very common PCI Compliance. Personally I think PCI Compliance should be a built in update just like SNORT rules.

Children
No Data