https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4300608#M1078964 <P>We have found TSLv1 weak encryption algorithm in FTD in audit and they suggest mitigate it with latest TSLv. But in present we can see only TSLv1.2 is available with in FMC, both FMC and FTD version 6.4.0.7.</P><P>Is it close once we upgrade it with TSLv1.2 and Does it any impact?</P> Wed, 03 Mar 2021 10:04:59 GMT mumbai.support 2021-03-03T10:04:59Z https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4300608#M1078964 <P>We have found TSLv1 weak encryption algorithm in FTD in audit and they suggest mitigate it with latest TSLv. But in present we can see only TSLv1.2 is available with in FMC, both FMC and FTD version 6.4.0.7.</P><P>Is it close once we upgrade it with TSLv1.2 and Does it any impact?</P> Wed, 03 Mar 2021 10:04:59 GMT https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4300608#M1078964 mumbai.support 2021-03-03T10:04:59Z https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4300613#M1078965 <P>Hi <a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/264489">@mumbai.support</a>&nbsp;</P> <P>You should be fine disabling older versions of TLS and just using TLS 1.2, most modern supported operating systems supports TLS 1.2.</P> <P>&nbsp;</P> <P>Refer to <A href="https://integratingit.wordpress.com/2021/01/28/secure-ftd-tls-ciphers/" target="_self">this guide</A> for more information about TLS on FTD.</P> <P>&nbsp;</P> <P>Bear in mind if you are using Remote Access VPN and want to use DTLS 1.2 then you need to upgrade to FMC/FTD 6.6.</P> <P>&nbsp;</P> <P>HTH</P> Wed, 03 Mar 2021 10:12:49 GMT https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4300613#M1078965 Rob Ingram 2021-03-03T10:12:49Z https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4302354#M1079067 <P>Hi Rob Ingram,</P><P>&nbsp; Thank You...!</P><P>&nbsp; &nbsp;If I change it from 1.0 to 1.2 then does it any impact in remote VPN CISCO AnyConnect?</P> Sat, 06 Mar 2021 04:51:31 GMT https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4302354#M1079067 mumbai.support 2021-03-06T04:51:31Z https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4302361#M1079068 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/264489">@mumbai.support</a>&nbsp;</P> <P>Yes it does, if you are using TLS protocol.</P> <P>Most modern operating systems should support TLS 1.2.</P> <P>The guide shows you how to make the changes and test.</P> <P>&nbsp;</P> <P>HTH</P> <P>&nbsp;</P> Sat, 06 Mar 2021 07:14:56 GMT https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4302361#M1079068 Rob Ingram 2021-03-06T07:14:56Z https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4319710#M1079900 <P>Thank You...! It is working.&nbsp;</P> Wed, 07 Apr 2021 04:43:18 GMT https://community.cisco.com/t5/network-security/how-to-close-vulnerability-quot-tslv1-weak-encryption-algorithm/m-p/4319710#M1079900 SurajS 2021-04-07T04:43:18Z