cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor haaris
Reliable Contributor
Report Inappropriate Content
Message 1 of 4

How to get log for protocol version using by the client request

Hi,

When a user is trying to access the URL i want to know which protocol version url is using like ssl 3.0 or TLS1.0,TLS 1.2 etc.

Please tell me the property needs to be used in webgateway

3 Replies
Reliable Contributor haaris
Reliable Contributor
Report Inappropriate Content
Message 2 of 4

Re: How to get log for protocol version using by the client request

Plzzz update anyone

Re: How to get log for protocol version using by the client request

Sorry, there isn't one.

McAfee Employee jscholte
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: How to get log for protocol version using by the client request

Hey folks,

7.7 was released today which brings properties for logging SSL related info:

SSL.Client.Protocol & SSL.Server.Protocol, possible values would be SSLv3.0, TLSv1.0, TLSv1.1, TLSv1.2, and unknown

SSL.Client.Cipher & SSL.Server.Cipher, this would be the raw cipher suite string used.

There was also SSL.Client.Cipher.KeyExchangeBits and SSL.Server.Cipher.KeyExchangeBits which normalize the key strength of the exchange. For further reading check out Keylength - NIST Report on Cryptographic Key Length and Cryptoperiod (2012)

Client refers to the communication between the client and the proxy. Server refers to the communication between the proxy and the server.

I attached a ruleset that could be used to log the information.

Best Regards,

Jon

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support
  • The McAfee ePO Support Center Plug-in is now available in the Software Manager. Follow the instructions in the Product Guide for more.