Solved

SSL version 2 on ISA2006 unsecure ?

Posted on 2008-10-23
5
642 Views
Last Modified: 2012-06-22
I have a website, OWA and Server-Activesync behind an ISA2006.
The Exchange is a single server (no front end)

I did a test on this ISA2006 with Nessus and one issue is that the server uses SSL 2.0, the recommendation is that i disable 2.0 and uses SSL 3.0 or TLS 1.0.

Can anyone explain this to me in human language, and tell me if it's possible on ISA2006.
Can i use SSL 3.0 insted of 2.0 ??
0
Comment
Question by:kjohansen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 22810415
ISA will support all versions of SSL out of the box and they are all secure.

Keith
0
 

Author Comment

by:kjohansen
ID: 22810749
Thanks for that exeptional description Keith that was just what i needed..

0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 300 total points
ID: 22810862
I assume that was some sort of attempt by yourself at sarcasm?

You state you have performed a test with Nessus although you give no details of what the test was nor what caused/provided the recommendation so I am unsure what you would like me to respond to for that aspect.
Again, it is difficult to describe anything at all with out some background detail to give a context.
You also ask if you can use SSL3.0 instead of SSL2.0? ISA does not dictate the SSL version. On the assumption you are bridging SSL through the publishing rules then ISA will make an SSL call and the host will dictate the version in its response - and ISA will use it.

Your actual question simply asks if SSL 2.0 is unsecure on ISA2006 - no, it is not.
If that is not actually the question that you wanted to ask then please feel free to provide some detailed information that will allow us to respond accordingly or just state that this is not the question you want answering, and fire away with what you really want to ask.


0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question