Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
699
Views
0
Helpful
2
Replies

Enabling TLS_FALLBACK_SCSV extention in ISE2.3P4

Go to solution
Jay Tiwari
Cisco Employee
Cisco Employee

‎10-17-2018 02:16 AM

Hi Guys,

In customer VA/PT is it found that TLS_FALLBACK_SCSV extension is not enabled in ISE 2.3 P4.

Now Cisco is asked to enable this.

I don't know how to enable this, however, i am sure it will be enabled with ROOT access, which i don't see practice and recommendation from Cisco.

If we go into ROOT console and enable this what will be downside of it.

If it is enabled in ROOT access, will Cisco provide support in future if any issue comes up around it.

 

Please advise...

 

Regards,

Jay

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
howon
Cisco Employee
Cisco Employee

‎10-17-2018 07:40 AM

Any root access changes needs to be worked through TAC. Please create TAC SR regarding the issue.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
howon
Cisco Employee
Cisco Employee

‎10-17-2018 07:40 AM

Any root access changes needs to be worked through TAC. Please create TAC SR regarding the issue.

0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee

‎10-21-2018 03:02 AM

I agreed with Hosuk that this should be handled through Cisco TAC. Please ask the customer to provide detailed info how TLS_FALLBACK_SCSV found not enabled in ISE so TAC may verify and escalate, if needed.

All the CVEs associated with POODLE vulnerability have been resolved by fixing CSCur29078 in ISE 1.2 Patch 13 and ISE 1.3 FCS.

0 Helpful
Customers Also Viewed These Support Documents