Disable SSLv3/TLSv1

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Disable SSLv3/TLSv1

L4 Transporter

Is it possible to disable SSLv3 and TLSv1 for Global Protect?

Vulnerability scanners flag the interface of the PAN where Global Protect portal/gateway are hosted as it allows these deprecated versions.


L7 Applicator

I am pretty sure the answer is still no, you can't remove these options.  You can see a similar discussion earlier here.

SSL decryption, which version of SSL is used ?

But the best avenue for information on this type of issue will be your PA sales team.  They can get you the roadmap for the feature and add you to any pending feature request.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

Thanks for the link. Though I don't particularly answer the question. The OP was a question similar to mine but all the answers relate to patching the version of OpenSSL.

I will contact me SE to see if I can get anywhere.

  • 2 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!