- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
we have a customer who wants to block TLS version 1.0 and 1.1 and to allow all the traffic from TLS V1.2 and above on firewall.
Is there any option on palo alto firewall.
Customer requirement is that they need to block it from the interface / port level.
customer is doing a scan using a third party app.
Can we have any way to mitigate this issue.
Thanks and Regards
If you decrypt outgoing traffic then you can create Decryption Profile (Objects > Decryption > Decryption Profile) where you can set minimum TLS version.
Then attach this profile to your decryption policy.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!