2 Replies Latest reply on May 13, 2015 5:11 PM by squidikus

    RC4 In NGFW


      Hi Guys,


      I am in the middle of running an SSL test using the quayls site, and was wondering if there is any way to turn off unsupported versions of TLS and SSL and also the cypher suites like RC4 128.



        • 1. Re: RC4 In NGFW



          could you specify what feature you are talking about? I assume HTTPS services provided by the firewall i.e. browser-based authentication? I tested that in v5.5 and v5.8 and the firewall only offers TLS_RSA_WITH_AES_128_CBC_SHA, lowest TLS version it offers is 1.1.




          • 2. Re: RC4 In NGFW


            In the Sidewinder version of the firewalls there was a section for SSL Rules. On an incomming SSL rule with decryption and re-encryption set  you could specify what SSL or TLS versions were authorized, as well as you could drill down further, to select what cypher suites you would like to authorize.

            I am wondering if there is a way to do the same in the NGFW?