SSL Configuration in Insight Control (381 Views)
Reply
Occasional Contributor
JeffG
Posts: 7
Registered: ‎11-06-2008
Message 1 of 3 (381 Views)

SSL Configuration in Insight Control

I need to ensure that Insight Manager uses strong cryptography. I have found documentation that SIM supports ssl v3 and tsl 1 but cannot find documentation on how to enforce it. Scanning for vulnerabilities on ports 7096, 50000, 50001, 51125 and 51127 discovered that weak and medium strength ciphers are supported. I am currently running Insight 6.2 on windows 2008. Any help would be really appreciated.
Occasional Visitor
AshaR_1
Posts: 2
Registered: ‎04-24-2011
Message 2 of 3 (381 Views)

Re: SSL Configuration in Insight Control

Hi Jeff G

Yes, HPSIM uses SSLV3/TLS1. We currently do not support any UI to enforce stronger cipher suites, however we are planning to support one in near SIM release.

SIM uses several Stronger Ciphersuites (128 bits) and few weaker ciphers as well. In future, we could restrict the weaker ones through UI.

Alternatively, by restricting all the weaker ciphers from the Client side (Browser) by any means, the server can not get a chance to select any weaker cipher for its SSL transport.

Thanks.
Occasional Contributor
okanek
Posts: 5
Registered: ‎11-09-2011
Message 3 of 3 (349 Views)

Re: SSL Configuration in Insight Control

Hi,

 

Can anyone provide an update on this, i.e. are any UIs supported in v6.3 or v7.0 to enforce stronger ciphers?

 

Thanks.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.