Cryptzone Support

 
If you wish to submit a support ticket please sign in to your customer portal or use the “submit a ticket” button at the top menu.
If you need to find documentation about our Sheriff Suite please login to the Hive- Click Here

 

Article

SEP Security Patch 50420 TLS

« Go Back

Information

 
Article Number000001151
Article

Reason:

Du to vulnerabilities in SSL, for example POODLE, Cryptzone has implemented TLS 1.2 on "sep://" connections and TLS 1.0 on "https://" connections from version 5.0.42.0 and newer. 

 

Recommendation: 

Due to known issues in SSL v3 all existing customers are advised to upgrade to this version (5.0.42.0) or newer.

 

SEP server: To disable SSL v3 and enforce minimum TLS 1.0:

 Upgrade the SEP Server to 5.0.42 (or later)

  1. Stop the SEP Server.
  2. Add the following line to configuration.xml file that resides in the SEP Server installation directory:<DisableSslv3>True<DisableSslv3> 
  3. Save the file.
  4. Start the SEP Server.

 

SEP Clients

After this change, SEP Clients older than 5.0.81 will not be able to connect using sep:// protocol. However the https:// protocol will continue to work.

SEP Clients v 5.0.81 or newer can use both sep:// and https:// protocols, while talking to a SEP Server with min TLS 1.0 enforcement.

 

How to upgrade Secured eUSB clients

Once the SEP client is upgraded, all Secured eUSBs should be upgraded to the latest version to support TLS.

 

1. Make sure your client is the latest version and that it has the correct policy and the correct protocols and adress to the correct SEP-Server, have a look at this FAQ for guidance. 

2. Insert the existing Secured eUSB and right click and select upgrade. 

3. click OK once the process is done. 

 

Related File 
Additional Files 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255