As some may be aware, there are upcoming changes to various industry-specific guidelines on secure electronic communications, requiring transitions from the use of SSL and early TLS versions to the newest TLS v1.2. This change is due to identified vulnerabilities with those encryption methods. INSIGHT Appliances and Symantec DLP have already been configured to accept only TLS communications and block SSL, however there is a known vulnerability for TLSv1.0, Browser Exploit Against SSL/TLS (BEAST) (CVE-2011-3389).
Regarding INSIGHT v2.x Appliances. TLS 1.0 is the only supported TLS version used for browser access to the Appliance Web GUI on port 5000. The only available work around is to disable the Web GUI. Customers who wish to implement this workaround are advised to open an INSIGHT Support case. The INSIGHT Support Team will disable the appliance-web service and then reboot the appliance (a reboot is recommended but not required). This process should take less than 10 minutes to complete.
Regarding INSIGHT v3.x Appliances. TLS 1.2 is the only supported TLS version used for browser access to the Appliance Web GUI on port 5000. TLS 1.0 and 1.1 are disabled.
If you have any questions or concerns, please contact support or your sales engineer.
0 Comments