could you specify what feature you are talking about? I assume HTTPS services provided by the firewall i.e. browser-based authentication? I tested that in v5.5 and v5.8 and the firewall only offers TLS_RSA_WITH_AES_128_CBC_SHA, lowest TLS version it offers is 1.1.
In the Sidewinder version of the firewalls there was a section for SSL Rules. On an incomming SSL rule with decryption and re-encryption set you could specify what SSL or TLS versions were authorized, as well as you could drill down further, to select what cypher suites you would like to authorize.
I am wondering if there is a way to do the same in the NGFW?