Winfrasoft Appliance Update 2.0 details

Applies to: Winfrasoft Gateway Appliances running appliance builds 4.4.140725 and lower.

This update is designed to protect Winfrasoft Appliances against the SSL 3.0 Protocol Vulnerability and POODLE Attack (CVE-2014-3566) (Alert TA14-290A).

Note: This update does NOT include all items from Update 1.0.1 which may been to be installed separately. This update DOES supersede the SSL Hardening configuration included in Update 1.0.1.

  • Crypto Security Hardening update: Applies additional cryptographic hardening by disabling unsecure Protocols and Ciphers and enabling secure versions. This update makes the crypto stack PCI compliant and FIPS-ready. This update will...
    Disable: PCT 1.0, SSL 2.0 & SSL 3.0 Protocols and all RC2 & RC4 (<128) Ciphers.
    Enabled: TLS 1.0, TLS 1.1 & TLS 1.2 Protocols and RC4 128, 3DES 168, AES 128 & AES 256 Ciphers.

Uninstalling Update 2.0 will remove the additional hardening provided by Update 2.0, but will retain the hardening settings contained in Update 1.0.1.

Verify the hardening results using the Qualys SSL Labs test tool - https://www.ssllabs.com/ssltest/

Download Details: Winfrasoft Appliance Update 2.0 (1.56Mb)

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk