cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor haaris
Reliable Contributor
Report Inappropriate Content
Message 1 of 4

How to get log for protocol version using by the client request

Hi,

When a user is trying to access the URL i want to know which protocol version url is using like ssl 3.0 or TLS1.0,TLS 1.2 etc.

Please tell me the property needs to be used in webgateway

3 Replies
Reliable Contributor haaris
Reliable Contributor
Report Inappropriate Content
Message 2 of 4

Re: How to get log for protocol version using by the client request

Plzzz update anyone

Re: How to get log for protocol version using by the client request

Sorry, there isn't one.

Highlighted
McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: How to get log for protocol version using by the client request

Hey folks,

7.7 was released today which brings properties for logging SSL related info:

SSL.Client.Protocol & SSL.Server.Protocol, possible values would be SSLv3.0, TLSv1.0, TLSv1.1, TLSv1.2, and unknown

SSL.Client.Cipher & SSL.Server.Cipher, this would be the raw cipher suite string used.

There was also SSL.Client.Cipher.KeyExchangeBits and SSL.Server.Cipher.KeyExchangeBits which normalize the key strength of the exchange. For further reading check out Keylength - NIST Report on Cryptographic Key Length and Cryptoperiod (2012)

Client refers to the communication between the client and the proxy. Server refers to the communication between the proxy and the server.

I attached a ruleset that could be used to log the information.

Best Regards,

Jon

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator