cancel
Showing results for 
Search instead for 
Did you mean: 
haaris
Level 10

How to get log for protocol version using by the client request

Hi,

When a user is trying to access the URL i want to know which protocol version url is using like ssl 3.0 or TLS1.0,TLS 1.2 etc.

Please tell me the property needs to be used in webgateway

0 Kudos
3 Replies
haaris
Level 10

Re: How to get log for protocol version using by the client request

Plzzz update anyone

0 Kudos
ITWebSec
Level 8

Re: How to get log for protocol version using by the client request

Sorry, there isn't one.

0 Kudos
McAfee Employee

Re: How to get log for protocol version using by the client request

Hey folks,

7.7 was released today which brings properties for logging SSL related info:

SSL.Client.Protocol & SSL.Server.Protocol, possible values would be SSLv3.0, TLSv1.0, TLSv1.1, TLSv1.2, and unknown

SSL.Client.Cipher & SSL.Server.Cipher, this would be the raw cipher suite string used.

There was also SSL.Client.Cipher.KeyExchangeBits and SSL.Server.Cipher.KeyExchangeBits which normalize the key strength of the exchange. For further reading check out Keylength - NIST Report on Cryptographic Key Length and Cryptoperiod (2012)

Client refers to the communication between the client and the proxy. Server refers to the communication between the proxy and the server.

I attached a ruleset that could be used to log the information.

Best Regards,

Jon

0 Kudos