This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
LostBoY
Advisor
‎2020-07-31 08:09 AM
Jump to solution

Disable TLS1.0 Chekcpoint R80.40

Hello,

I am looking to block TLS1.0 in my Checkpoint Gateway R80.40.. i followed the following article

 

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

my query is that under point 6 it says:

6. Disable the use of SSLv3 and TLS1.0 for Gaia Portal. To do this make the changes below in the same file:

from:

SSLProtocol -ALL {ifcmp = $httpd:ssl3_enabled 1}+{else}-{endif}SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2

To:

SSLProtocol -ALL {ifcmp = $httpd:ssl3_enabled 1}+{else}-{endif}SSLv3 +TLSv1.1 +TLSv1.2

 

but here SSLv3 is mentioned in the bottom line.. can someone please explain this.. Thanks..

 

Also, if i follow the following KB and make the changes via Smartconsole.. is it one and the same thing or do i need to do the changes in SmartConsole as well as Gateways.

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

Thanks

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2020-07-31 12:33 PM
Jump to solution

You need to do both.
You’ll notice that a plus or minus is basically enclosed in an if statement.
Unless you’ve enabled SSLv3 using ssl3_enabled in the configuration, it will result in a minus which means no SSLv3.

View solution in original post

1 Reply
PhoneBoy
Admin
Admin
‎2020-07-31 12:33 PM
Jump to solution

You need to do both.
You’ll notice that a plus or minus is basically enclosed in an if statement.
Unless you’ve enabled SSLv3 using ssl3_enabled in the configuration, it will result in a minus which means no SSLv3.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top