Applies to: Winfrasoft Gateway Appliances running appliance builds 4.4.140725 and lower.
Note: This update does NOT include all items from Update 1.0.1 which may been to be installed separately. This update DOES supersede the SSL Hardening configuration included in Update 1.0.1.
- Crypto Security Hardening update: Applies additional cryptographic hardening by disabling unsecure Protocols and Ciphers and enabling secure versions. This update makes the crypto stack PCI compliant and FIPS-ready. This update will...
Disable: PCT 1.0, SSL 2.0 & SSL 3.0 Protocols and all RC2 & RC4 (<128) Ciphers.
Enabled: TLS 1.0, TLS 1.1 & TLS 1.2 Protocols and RC4 128, 3DES 168, AES 128 & AES 256 Ciphers.
Uninstalling Update 2.0 will remove the additional hardening provided by Update 2.0, but will retain the hardening settings contained in Update 1.0.1.
Verify the hardening results using the Qualys SSL Labs test tool - https://www.ssllabs.com/ssltest/
Download Details: Winfrasoft Appliance Update 2.0 (1.56Mb)