• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2339
  • Last Modified:

Sonicwall - Port 443 Encryption Algorithm

During a recent security audit, I was informed that our Sonicwall device needed to support a stronger encryption algorithm for 443 TCP/HTTPS connections. The auditors reported that 443 was using the RC4-128 Bit cipher. I found an option for SSL VPN (which we are running over 4433) and I changed that to an AES cipher, but I do not see an option to change the cipher for 443 connections to the Sonicwall.
Is it possible to update the cipher setting for port 443 connections?
The only 443 connection we use is for configuration management.
I am running a Sonicwall NSA240, SonicOS Enhanced
  • 2
1 Solution
Did they say that specifically FOR the sonicwall or devices on your network on the other side of the sonicwall? Also, I believe that increasing the ssl-vpn encryption would cover that nicely. As you said, the only other thing I can think of is the management interface, and why would they care what the encryption level is? You could purchase an SSL certificate and import that to the sonicwall rather than using a self-signed cert.
prsbyrdAuthor Commented:
Thanks. Those were my thoughts as well.
They specifically referenced the outside interface IP on the Sonicwall and the 443 TCP/HTTPS port/service.
I think if anything, we can just remove management/user login from that interface altogether. Both are currently enabled on that interface.
I know there is a lot of back and forth regarding leaving management enabled on that interface. We change the port for management on that interface not only as a part of security, but also because we have 443 redirection into an internal server.

You lose another way of managing the sonicwall in the event something goes south and you can't establish a VPN in. I'd suggest an out of band connectivity method.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now