Regarding the TLS 1.0 and 1.1. end of support, is there a way to get a report of all devices, etc., still using TLS 1.0 and 1.1.? I would just like a list of devices still using the older protocol. Thanks.
I am the product manager at Duo working on this deprecation project. For a report on devices (and/or users if available) still using TLS 1.0/1.1 and/or with weak ciphers, please open a ticket with the support team and they should be able to help you with this. Alternatively, you can also use this form here to submit a request for device info: Feedback for TLS 1.0/1.1 and Weak Ciphers Deprecation
When I submitted a ticket to support about it they just said there were 40 RDP logins with our IKEY. They didn’t tell us which specific machines they were seeing, so there’s really not much I can action there.
Duo support gave us a list of clients reporting the unsupported TLS versions. The originating IPs from all these clients belong to Netskope CASB, which we used.
Support told us they noticed other customers also reporting from those Netskope IPs. Now we are thinking this is a Netskope issue, not so much on our clients. Hope Duo and Netskope can resolve it between themselves if needed.