Application Delivery (ADX)

Reply
New Contributor
Posts: 4
Registered: ‎12-01-2009

SSL Supports Weak Encryption Vulnerability

We have 2 ServerIron GT-CGC16's that have failed a security audit due to allowing Low Encryption Ciphers.

Is there a way to remedy this on these devices?  The current SW version is 10.2.

Thanks!

Brocadian
Posts: 70
Registered: ‎03-14-2009

Re: SSL Supports Weak Encryption Vulnerability

you can specify the used cipher suites within the SSL profil:

Here is an example with software 10.2.01p

ssl profile profile1
cipher-suite
  all-cipher-suites
  exp1024-rc4-md5
  exp1024-rc4-sha
  rsa-export-with-des40-cbc-sha
  rsa-export-with-rc4-40-md5
  rsa-with-3des-ede-cbc-sha
  rsa-with-aes-128-sha
  rsa-with-aes-256-sha
  rsa-with-des-cbc-sha
  rsa-with-rc4-128-md5
  rsa-with-rc4-128-sha

New Contributor
Posts: 4
Registered: ‎12-01-2009

Re: SSL Supports Weak Encryption Vulnerability

Thanks Alexander, we will give this a try and see if it eliminates the vulnerability warnings!

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook