6 Replies Latest reply on Oct 23, 2014 8:17 AM by phlrnnr

    POODLE

    bornheim

      Hi,

       

      regarding the newest vulnerability: Web Gateway 7 with an enabled SSL scanner in default configuration seems to be vulnerable too according to https://www.poodletest.com/

       

      I changed these settings:

       

      Policy > Settings

      • Engines > SSL Scanner > Default Certificate Verification
        • SSL Protocol version
          • SSL 3.0: off
        • Use alternative handshake settings after handshake failure: off

       

      and the test page no longer says I am vulnerable.

       

      Is there any official recommendation from McAfee yet?

       

      Kind regards,

      Robert