Disable SSLv3/TLSv1

Reply
Highlighted
L4 Transporter

Disable SSLv3/TLSv1

Is it possible to disable SSLv3 and TLSv1 for Global Protect?

Vulnerability scanners flag the interface of the PAN where Global Protect portal/gateway are hosted as it allows these deprecated versions.

Tags (2)
L7 Applicator

Re: Disable SSLv3/TLSv1

I am pretty sure the answer is still no, you can't remove these options.  You can see a similar discussion earlier here.

SSL decryption, which version of SSL is used ?

But the best avenue for information on this type of issue will be your PA sales team.  They can get you the roadmap for the feature and add you to any pending feature request.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
L4 Transporter

Re: Disable SSLv3/TLSv1

Thanks for the link. Though I don't particularly answer the question. The OP was a question similar to mine but all the answers relate to patching the version of OpenSSL.

I will contact me SE to see if I can get anywhere.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!