regarding the newest vulnerability: Web Gateway 7 with an enabled SSL scanner in default configuration seems to be vulnerable too according to https://www.poodletest.com/
I changed these settings:
Policy > Settings
and the test page no longer says I am vulnerable.
Is there any official recommendation from McAfee yet?
Solved! Go to Solution.
no official recommendations yet, but due to the fact that all SSL 3.0 enabled clients are vulnerable to MITM attacks, you should disable ssl 3.0.
would the people in this thread not knowing anything official kindly refrain from posting that they do not know anything official? Thank you!
Just curious - for people that have implemented these recommendations and have disabled SSL 3.0 and created an "exceptions" list with a different SSL Scanning Engine, did it go fairly smoothly? Or did you have to add quite a few exceptions? I'm just curious what the potential user impact would be to disable SSL 3.0.