Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

Enable Web Application Firewall support to specify cipher strengths it can accept. Either cipher-by-cipher basis or on a weak/med/strong cat

Enable Web Application Firewall support to specify cipher strengths it can accept. Either cipher-by-cipher basis or on a weak/med/strong category.

25 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    DarcyDarcy shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    4 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Adam WilsonAdam Wilson commented  ·   ·  Flag as inappropriate

        In this day and age where SSL ciphers are being frequently broken SysAdmins need the ability to respond to threats by tuning their supported ciphers instead of waiting for Sophos to do it "Real Soon Now". The default RC4 cipher is exploitable today and we have no way to make it the non-default cipher for TLS1.2 which supports the strongly secure AES128GCM cipher.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Hi,
        I work with an MSP company and this is a feature that we require for our customers.
        Regards,

        Joseph.

      • HaukeHauke commented  ·   ·  Flag as inappropriate

        Would love that feature, since NSA more then ever. RC4 becomes exploitable in the distant future.

      • BarryGBarryG commented  ·   ·  Flag as inappropriate

        This is probably needed for PCI compliance, unless the weak ciphers have already been disabled.

        It would still make future PCI changes easier to deal with (e.g. when BEAST was discovered, etc.)

      Feedback and Knowledge Base