topic Re: Monitor TLS versions outbound and inbound traffic passing through a gateway in General Topics

Monitor TLS versions outbound and inbound traffic passing through a gateway

Tiger_QAs — Thu, 03 Jun 2021 19:52:50 GMT

Is there a recommended way to monitor which connections are using TLS1.0 / TLS1.1 / TLS 1.2 ?

Does SSL inspection have to be enabled for TLS traffic analysis ?

Use case: If we have to make TLSv1.2 mandatory we would like to know the current usage of all the versions.

Re: Monitor TLS versions outbound and inbound traffic passing through a gateway

PhoneBoy — Fri, 04 Jun 2021 16:44:50 GMT

I believe there are IPS signatures for the various TLS versions.
You can enable them in detect mode to see which clients are using them.

Re: Monitor TLS versions outbound and inbound traffic passing through a gateway

Benedikt_Weissl — Mon, 07 Jun 2021 08:19:18 GMT

Does SSL inspection have to be enabled for TLS traffic analysis ?

No, but you need AppControl. There are predefined Services for TLS1.0 to TLS1.2. I had to manually enable the protocol signature in the advanced tab of the serivce, so check that before installation.