BIG NEWS! The Adtran Support Community is moving! In the next few weeks it will be housed in a new location. Be sure to visit our NEW Adtran Community before the end of July to check it out and verify that you can access all the resources and features that you need. If you discover any issues with your account or access, or just want to let us know about your experience, be sure to use our Feedback Form to let us know!
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
davidekstrom
New Contributor

Disable 3DES for TLS/SSL

We recently had a security scan done and on our NetVanta 1234P switches and results came back that it was vulnerable to SWEET32 attack and remediation was "Disable SSH support for 3DES cipher suite" and "Disable TLS/SSL support for 3DES cipher suite".  I found the commands to show the ciphersuites and to disable them.  This is what we have after doing so.  My question is, does this fix the security issues?

http secure-ciphersuite dhe-rsa-aes256-sha
http secure-ciphersuite aes256-sha
no http secure-ciphersuite edh-rsa-des-cbc3-sha
no http secure-ciphersuite des-cbc3-sha
no http secure-ciphersuite des-cbc3-md5
http secure-ciphersuite dhe-rsa-aes128-sha
http secure-ciphersuite aes128-sha
no http secure-ciphersuite rc4-sha
no http secure-ciphersuite rc4-md5
no http secure-ciphersuite edh-rsa-des-cbc-sha
no http secure-ciphersuite des-cbc-sha
http secure-ciphersuite des-cbc-md5

0 Kudos