Hello,
We are running CheckPoint R80.10 and have enabled IPS, Anti-Virus, Anti-Bot threat prevention blades. There is a requirement to block TLS1.0 traffic passing through the gateway. Just wondering how we can achieve this using our Threat Prevention blades.
Thanks,
Chandru
You can enable the IPS protection "Transport Layer (TLS) Version 1.0" to block TLSv1.0:
Thanks Anthony. That's very helpful.
The requirement is to block TLS1.0 traffic for a particular subnet reaching a public IP address. Does it mean I need to create a new rule under Threat Prevention policy specifying the source and destination with block on TLSv1.0?
You are better off creating this exception:
Otherwise, you'll have to create a separate profile with TLS 1.0 protection only and apply it to your desired scope.
OK. Thanks Vladimir. This seems to be a possible solution.
Would SSL inspection be needed for this to actually work?
Pretty sure the answer is no, as the client and server agree on SSL/TLS versions and cipher suites right at the start of the negotiations which are still in the clear, and the firewall should be able to inspect it without full HTTPS Inspection.
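The point made in the last reply, that the negotiated version travels in the cleartext handshake, shown as an added example that is not part of the thread and is not Check Point's IPS implementation: a Python parser that reads the version a ServerHello record selects, including the TLS 1.3 `supported_versions` extension. The function names and the sample records produced by `build_server_hello` are constructed for illustration.

```python
import struct

VERSIONS = {0x0300: "SSLv3", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
            0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}

def server_hello_version(record: bytes):
    """Return the version a cleartext ServerHello record selects, or None."""
    if len(record) < 5 or record[0] != 0x16:       # 0x16 = handshake record
        return None
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x02:               # 0x02 = ServerHello
        return None
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    try:
        version = struct.unpack("!H", body[0:2])[0]
        pos = 2 + 32                               # skip version + random
        pos += 1 + body[pos]                       # skip session_id
        pos += 2 + 1                               # cipher suite + compression
        if pos + 2 <= len(body):                   # extensions are optional
            ext_end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
            pos += 2
            while pos + 4 <= min(ext_end, len(body)):
                etype, elen = struct.unpack("!HH", body[pos:pos + 4])
                if etype == 43 and elen == 2:      # supported_versions (TLS 1.3)
                    version = struct.unpack("!H", body[pos + 4:pos + 6])[0]
                pos += 4 + elen
    except (IndexError, struct.error):
        return None                                # truncated or malformed
    return VERSIONS.get(version, hex(version))

def build_server_hello(legacy_version, extensions=b""):
    """Constructed sample: a minimal ServerHello record for the demo."""
    body = struct.pack("!H", legacy_version) + bytes(32) + b"\x00"
    body += b"\x00\x2f" + b"\x00"                  # cipher suite, null compression
    if extensions:
        body += struct.pack("!H", len(extensions)) + extensions
    hs = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16" + struct.pack("!HH", legacy_version, len(hs)) + hs

def should_block(record: bytes) -> bool:
    """Policy decision matching the thread's goal: drop TLS 1.0 and older."""
    return server_hello_version(record) in ("SSLv3", "TLS 1.0")
```

A TLS 1.3 ServerHello carries 0x0303 in its legacy version field, so a check that ignores `supported_versions` would report it as TLS 1.2.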