Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
11116
Views
7
Helpful
1
Comments

November 21st: Weak ciphers being disabled for Umbrella and OpenDNS

adamwin
Cisco Employee
Cisco Employee

‎10-11-2024 03:59 PM - edited ‎11-04-2024 12:10 PM

On November 21st, 2024 Cisco will disable the following weak ciphers on our servers:
 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
 
Changes will impact:
* Opendns.com - dashboard and APIs
* Umbrella.com - dashboard and APIs
* Dnsomatic.com
* Dynamic IP Updater Client
* Roaming Client and AnyConnect Roaming Module registration and sync services
 
These weak ciphers are typically used in older environments like Windows XP, Windows 7, or Internet Explorer 11. It's also possible that they are used in network devices like routers and wireless access points. 
 
Although Cisco ended support for Windows 7, 8, and 8.1 in 2022, we did not make any breaking changes at that time. However, to ensure the highest levels of security for our customers, we are now disabling weak ciphers due to their associated security concerns. This message serves as a courtesy notification to customers still using these unsupported operating systems.
 
Please contact support if you need help with this change.
 
Comments
clinton mehta
Level 1
Level 1
‎11-08-2024 04:21 AM

Very thankful to see these updates happening here just like in other institutions - though I do want to extend my condolences to those who still have WinXP, Win7 or anyone using IE11 in their environments.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents