Utilizing ASA to 'upgrade' outbound TLS connections to TLS 1.2
We have an old legacy application which connects to a third party via SSL. The third party provider is limiting connections to using TLS 1.2 beginning in June. Our legacy application can only support TLS 1.0. Upgrading the application seems to be not possible at the moment according to our development team. We use a Cisco ASA 5515X at our border. I was wondering if there was any way to have an ASA 'proxy' TLS sessions for a particular inside host and connect to an Internet host using TLS 1.2 on behalf of the inside host? So something like the inside host (with the ASA as the default route) connects to the ASA outbound, the ASA intercepts this connection, holds it open while connecting to the requested outside host via TLS 1.2. I noticed that the ASA has a TLS proxy of sorts for use with securing VoIP sessions, but I wondered if it could be leveraged here for what I am trying to do. Is there any other way I can have the ASA intercept older TLS sessions and have them be upgraded to TLS 1.2? Thanks in advance for any ideas.
HIDoes anyone know if there is an easier way than the belowQ. I check connection events for IOC's when requested and sometimes i have to check many url's which i am presently doing one url at a time and is very time consuming, is there a way to check mult...
Cisco Identity Services Engine (ISE) gives you intelligent Integrated protection through intent-based policy and compliance solution. ISE supports external MDM vendor integration to help the customers to look for compliance of a dev...
This video provides the steps to configure the Cisco Threat Response (CTR) and ESA Integration.
This is live on the portal:https://video.cisco.com/video/6159336218001
And on YouTube:https://www.youtube.com/watch?v=UCKIdx5rdFg
I need to migrate from C170 to C190 and have already match to the same Firmware Version. I have a question. Is there any method that can export and import the configuration file instead of form cluster ?