Hello,
we have FTDs managed via FMC running ver 7.0. Recently, the ISP scan found a vulnerability on the outside interface of the FTD: a weak DH primes set. I updated the configuration for the SSL DH group to group14 (2048 modulus), the highest available value I found in the FMC GUI. Also, the ECDHE value is set to group21 (521-bit).
The ISP still found the vulnerability; now they recommend disabling the DH primes and using only ECDHE, which is confirmed to be secure.
How can I do this? I mean disabling the DH prime completely.