Security Vulnerabilities - Enable / Disable TLS

File uploaded by viavisupport on Dec 16, 2020
Version 1Show Document
  • View in full screen mode

Overview

 

Many customers are running security scans and this article explains how to close a Security Vulnerability identified in TLS (transport layer security).

This is done through regex - see attached document

Solution Steps

 

Edit TLS protocol via the registry editor. Path is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\

See https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs 

See attached for example screen shots, which shows how to enable TLS 1.2 and disable the earlier protocol TLS 1.0

Additional Info

Outcomes