prsbyrd
asked on
Sonicwall - Port 443 Encryption Algorithm
During a recent security audit, I was informed that our Sonicwall device needed to support a stronger encryption algorithm for 443 TCP/HTTPS connections. The auditors reported that 443 was using the RC4-128 Bit cipher. I found an option for SSL VPN (which we are running over 4433) and I changed that to an AES cipher, but I do not see an option to change the cipher for 443 connections to the Sonicwall.
Is it possible to update the cipher setting for port 443 connections?
The only 443 connection we use is for configuration management.
I am running a Sonicwall NSA240, SonicOS Enhanced 5.8.1.0-30o
Is it possible to update the cipher setting for port 443 connections?
The only 443 connection we use is for configuration management.
I am running a Sonicwall NSA240, SonicOS Enhanced 5.8.1.0-30o
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I know there is a lot of back and forth regarding leaving management enabled on that interface. We change the port for management on that interface not only as a part of security, but also because we have 443 redirection into an internal server.
You lose another way of managing the sonicwall in the event something goes south and you can't establish a VPN in. I'd suggest an out of band connectivity method.
You lose another way of managing the sonicwall in the event something goes south and you can't establish a VPN in. I'd suggest an out of band connectivity method.
ASKER
They specifically referenced the outside interface IP on the Sonicwall and the 443 TCP/HTTPS port/service.
I think if anything, we can just remove management/user login from that interface altogether. Both are currently enabled on that interface.