ScottG67
Participant

Report on TLS connections

Hello All,

We are looking to make the necessary changes to remove TLS 1.0 and 1.1 from our gateways. What I would like to know is how many connections we have on these protocols now. Is there a way to generate a report to show what protocol and/or cipher is used during the connection?

Thanks,

Scott

0 Kudos
2 Replies
the_rock
Champion

One thing I would try is if you have monitoring blade enabled on the gateway, you can open logs and settings from dashboard and then once you open new tab, just open sv monitor on the bottom left and then under reports, see if there is any option to generate custom report for this. I will check in my lab tomorrow.

0 Kudos
Tobias_Moritz
Advisor

I don't think monitoring blade will help you here. But of course you can give it a try.

What you can do, if you have Application Control blade available:

Create different rules for TLS 1.0, TLS 1.1, TLS 1.2.

In these rules, use custom TCP objects where you set the protocol appropriately (TLS10, TLS11, TLS12) AND enable the "Protocol Signature" checkbox in the advanced tab of these service objects.

Then you can observe the hits on those rules. By using one service object per rule, you can use the rule hit count as a fast indicator. If that is not needed because you do log analysis anyway, you can put all three objects in one rule, because you will see which object has matched in the log entry. But you need to make sure your traffic is handled by a rule where these objects are used. Otherwise, other objects (like the default https or "tls1.0") will match.
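
An added example, not part of the reply above: one way to do the log analysis it mentions, tallying exported log rows by the matched service object and listing which sources still use TLS 1.0/1.1. It assumes a CSV export with hypothetical columns `src`, `dst` and `service`; the sample rows are constructed.

```python
import csv
import io
from collections import Counter, defaultdict

# Service object names come from the reply above (TLS10, TLS11, TLS12).
TLS_OBJECTS = {"TLS10": "TLS 1.0", "TLS11": "TLS 1.1", "TLS12": "TLS 1.2"}
LEGACY = {"TLS 1.0", "TLS 1.1"}

# Constructed sample export, not real log data. The column names
# "src", "dst" and "service" are assumptions about the export layout.
SAMPLE_CSV = """src,dst,service
10.1.1.10,192.0.2.5,TLS12
10.1.1.11,192.0.2.5,TLS10
10.1.1.11,192.0.2.9,TLS10
10.1.1.12,192.0.2.5,TLS11
10.1.1.13,192.0.2.7,https
10.1.1.10,192.0.2.9,TLS12
"""


def summarize(csv_text, service_col="service", src_col="src"):
    """Return (connections per TLS version, legacy sources, unclassified)."""
    counts = Counter()
    legacy_sources = defaultdict(set)
    unclassified = Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        service = (row.get(service_col) or "").strip()
        proto = TLS_OBJECTS.get(service.upper())
        if proto is None:
            # Matched some other object (e.g. the default https), so the
            # TLS version of this connection is unknown from the log.
            unclassified[service] += 1
            continue
        counts[proto] += 1
        if proto in LEGACY:
            legacy_sources[proto].add(row[src_col].strip())
    sources = {p: sorted(s) for p, s in legacy_sources.items()}
    return counts, sources, unclassified


if __name__ == "__main__":
    counts, sources, unclassified = summarize(SAMPLE_CSV)
    for proto in sorted(counts):
        print(f"{proto}: {counts[proto]} connections")
    for proto, hosts in sorted(sources.items()):
        print(f"{proto} still used by: {', '.join(hosts)}")
    print(f"Not classified by a TLS object: {dict(unclassified)}")
```

A non-empty unclassified count means some traffic was handled by a rule that does not use the three objects, so the totals understate legacy usage.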