To do this in a F5-LTM, it's quite simple. Just set the disable options for no tls1 and no ssl2 and no ssl3. You can also trim down the cipher suite that you will accept.
You can use SSLLAB or HTBrigde to double check that the ltm virtual-server does not allow those protocols.
Alternative you can monitor the connections using sslscan or openssl or even curl.
e.g
You can use a online ASV service also for PCI compliance checks and to ensure no glaring holes are left in your PCI compliance.
https://www.serverscan.com/PCI-Compliance-Scanning-Solutions-for-Your-Business
or comodo Hackerguardian
https://www.hackerguardian.com
( e.g comodo )
Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment