Can I disable TLS 1.0 on NAC?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-28-2018 08:36 PM
is there a possibility to disable TLS 1.0 on NAC (maybe via Appliance Properties)?
This is a demand of some security officers.
The goal here is that the clients are not offered TLS 1.0 during the connection negotiation.
Best regards
Stephan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎05-29-2020 11:52 AM
I take it back, don’t know what happened the first time around but this worked the second time I tried it.
We’ll rescan and see if anything changes.
Thanks,
Mike
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎05-29-2020 11:51 AM
Hmm… Doesn’t look like it is working for me. I can’t save after trying to add the value.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎05-29-2020 07:03 AM
Hi Michael,
disabling can be done with an engine property, it is mentioned in below article.
https://gtacknowledge.extremenetworks.com/articles/Q_A/000043144
In my lab I can see TLS 1.0 is still supported on 8.4.3.24
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎05-28-2020 08:51 PM
I’m running 8.4.3.24 and I just noticed that our internal vulnerability scanner still flagged our NAC appliance as supporting TLS 1.0 and 1.1. I have the same requirements from security officers as mentioned above and was wondering if there was a way to confirm (prove) that it disabled.
