cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ChinthuJ
Level 8
Report Inappropriate Content
Message 1 of 4

Can we trace TLS versions ?

Jump to solution
Can we trace TLS versions used by clients if we bypass the SSL Scanner content inspection ruleset ? If not possible any other options to identify the TLS versions used by the clients ?
1 Solution

Accepted Solutions
mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Can we trace TLS versions ?

Jump to solution

Yes this must be the reason. When we skip SSL scanner, MWG is just "bypassing" it after the CONNECT cycle. So we do not go deeper into it and do not retrieve this information and therefore the properties value stays empty.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

3 Replies
mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Can we trace TLS versions ?

Jump to solution

Hello @ChinthuJ,

I think this is only possible when using SSL scanner and using these properties:TLS properties.PNG

When bypassing SSL scanner, these properties are empty and nothing is logged therefore.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!
ChinthuJ
Level 8
Report Inappropriate Content
Message 3 of 4

Re: Can we trace TLS versions ?

Jump to solution

Hello Marcel , 

 

Many thanks . The same parameter has been  added in Access logs  (log handler)

The CSR report is showing  the entries . But for some entries it's showing '-' .

Does that mean  proxy is not able to get that TLS information from the clients OR due to some applications which are bypassed the SSL scanner ruleset ?

 

 

mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Can we trace TLS versions ?

Jump to solution

Yes this must be the reason. When we skip SSL scanner, MWG is just "bypassing" it after the CONNECT cycle. So we do not go deeper into it and do not retrieve this information and therefore the properties value stays empty.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community