Trend micro deep security12/1/2023 Verify and upgrade your Deep Security Manager If you want to enforce TLS 1.2 and prevent the use of early TLS and SSL, see instead Enforce TLS 1.2. TLS 1.2 is automatically used when both components support it.įollow the instructions below to verify that your Deep Security components support TLS 1.2 and upgrade them if needed. To use TLS 1.2 without enforcing it, just make sure your components support TLS 1.2. For details on enforcement, see Enforce TLS 1.2įigure 1: Deep Security as a Service TLS 1.2 is not enforcedįigure 2: On-premise TLS 1.2 is not enforcedįigure 3: On premise TLS 1.2 is enforced You can see that the 9.6 agents can no longer communicate with Deep Security Manager, and neither can older third-party applications. Similarly, newer third-party applications and virtual appliances use TLS 1.2, while older ones use early TLS.įigure 3 shows the TLS communication when TLS 1.2 is enforced. You can see that 10.0 or higher agents communicate with Deep Security Manager over TLS 1.2, while 9.6 versions communicate over early TLS. It is not possible to enforce TLS 1.2 if you're using Deep Security as a Service.įigure 2 shows the TLS communication in an on-premise deployment, when TLS 1.2 is not enforced (the default). Similarly, newer third-party applications use TLS 1.2, while older ones use early TLS. You can see that 10.0 or higher agents communicate with Deep Security as a Service over TLS 1.2, while 9.6 versions communicate over early TLS. The diagrams below show the TLS communication in the Deep Security architecture.įigure 1 shows the TLS communication in a Deep Security as a Service environment. Guidelines for deploying agents, virtual appliances, and relays after TLS 1.2 is enforced.This page describes the benefits of TLS 1.2, and how to use and enforce it in your Deep Security environment. Trend Micro strongly recommends that you use TLS 1.2 communication between all its components. SSL has been discontinued due to security issues. When Deep Security components need to communicate, they determine the latest mutually-supported version of the encryption protocol and then use that version to secure all communication for the duration of their session. Transport Layer Security (TLS), and the earlier Secure Sockets Layer (SSL), are encryption protocols that enable secure connections between different endpoints. Use of strong cipher suites may cause compatibility issues. If you want to enable TLS 1.2 with only strong, A+-rated cipher suites, see instead Enable TLS 1.2 strong cipher suites.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |