- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Just stumbled on this article: Don't panic about domain fronting, an SNI fix is getting hacked out • The Register
and wanted to get some feedback from Check Point gurus on how this will be addressed.
There are already issues with SNI and SSL inspection, what is being done to address those as well as ESNI?
This is something that is on our radar for sure.
As to the specifics, it's probably too soon to say.
Google will be enforcing TLS 1.3 with their web sites with Chrome 72. This will impact primarily SSL inspection.
Also CloudFlare announced their support for ESNI. This will impact AppControl and other blades.
My personal impression is that it will become more and more important to push the security envelope towards the clients.
And just to make things more interesting, there is now a DNS over HTTPS RFC 8484:
TLS 1.3 still not supported. Any roadmap?
TLS 1.3 support was introduced in Q4-2020 with the release of R81.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY