cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Supported TLS Ciphers Suites insufficient

Jump to solution

Hello,

we have to follow a new crytp policy in our company that allows just a certain list of ciphers for TLS1.2 and TLS1.3. The policy follows recommandations of security agencies like NSA or BSI (German Federal Office for Information Security) and does not include the following said to be weak ciphers, that ePO has to use as said in KB91296:

  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_CBC_SHA

Is it possible to use more secure ciphers like TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (use of ephemeral keys and Forward secrecy) now and/or when does McAfee support more compliant ciphers out of the box?

 

thanks in advance

1 Solution

Accepted Solutions
McAfee Employee LKS
McAfee Employee
Report Inappropriate Content
Message 4 of 6

Re: Supported TLS Ciphers Suites insufficient

Jump to solution

Hi Seahawker,

Just a quick update on your query. Our engineering is already aware of this and working on adding enhanced cipher and TLS support in future CU releases.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

View solution in original post

5 Replies
McAfee Employee LKS
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: Supported TLS Ciphers Suites insufficient

Jump to solution

Hi Seahawker,

Currently EPO 5.10 only supports TLS1.2. I do not any definite answer to your question. I shall check with DEV to get an update.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 3 of 6

Re: Supported TLS Ciphers Suites insufficient

Jump to solution

Right now that is what we support.  If you want that changed, please submit an idea per kb60021 to make that a formal request,

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee LKS
McAfee Employee
Report Inappropriate Content
Message 4 of 6

Re: Supported TLS Ciphers Suites insufficient

Jump to solution

Hi Seahawker,

Just a quick update on your query. Our engineering is already aware of this and working on adding enhanced cipher and TLS support in future CU releases.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

View solution in original post

Re: Supported TLS Ciphers Suites insufficient

Jump to solution

thanks for your answers,  @LKS@cdinet 👍

do you have any quick hint, when we can expect an update with supported enhanced ciphers? just a rough estimation. 

 

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: Supported TLS Ciphers Suites insufficient

Jump to solution

Not at this time.  We can update the thread when we have further information.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community