<div>
if youre not already aware how to do it id recommend a tool like iis crypto<br />
<a href="https://www.nartac.com/Products/IISCrypto/" rel="ugc">https://www.nartac.com/Products/IISCrypto/</a><br />
<br />
its farly easy to do via regedit but this tool does the work for you!
</div>


if youre not already aware how to do it id recommend a tool like iis crypto
https://www.nartac.com/Products/IISCrypto/ [https://www.nartac.com/Products/IISCrypto/]

its farly easy to do via regedit but this tool does the work for you!

Network Manager

zito2000

Network Engineer 

kevinhsieh

<div>
Here is an article that discusses enabling TLS 1 1 and 1.2: <a href="https://community.ipswitch.com/s/article/How-to-Enable-TLS-1-1-TLS-1-2-on-Windows-Server-2008-R2" rel="ugc">https://community.ipswitch<wbr />.com/s/art<wbr />icle/How-t<wbr />o-Enable-T<wbr />LS-1-1-TLS<wbr />-1-2-on-Wi<wbr />ndows-Serv<wbr />er-2008-R2<wbr /></a><br />
<br />
Ideally, you only have TLS 1.2 enabled, but you may need 1.1 also. TLS 1.0 and all versions of SSL should be disabled, as they are all insecure.<br />
<br />
Herr is an article on ciphers: <a href="https://support.hostway.com/hc/en-us/articles/360000024630-Managing-Windows-Server-Cipher-Suites-?mobile_site=true" rel="ugc">https://support.hostway.co<wbr />m/hc/en-us<wbr />/articles/<wbr />3600000246<wbr />30-Managin<wbr />g-Windows-<wbr />Server-Cip<wbr />her-Suites<wbr />-?mobile_s<wbr />ite=true</a><br />
Insecure ciphers should all be disabled.<br />
<br />
Now you see why I had recommended IISCrypto on your last question. While you can use the registry, you are making things unnecessarily hard in doing so.
</div>


Here is an article that discusses enabling TLS 1 1 and 1.2: https://community.ipswitch.com/s/article/How-to-Enable-TLS-1-1-TLS-1-2-on-Windows-Server-2008-R2 [https://community.ipswitch.com/s/article/How-to-Enable-TLS-1-1-TLS-1-2-on-Windows-Server-2008-R2]

Ideally, you only have TLS 1.2 enabled, but you may need 1.1 also. TLS 1.0 and all versions of SSL should be disabled, as they are all insecure.

Herr is an article on ciphers: https://support.hostway.com/hc/en-us/articles/360000024630-Managing-Windows-Server-Cipher-Suites-?mobile_site=true [https://support.hostway.com/hc/en-us/articles/360000024630-Managing-Windows-Server-Cipher-Suites-?mobile_site=true]
Insecure ciphers should all be disabled.

Now you see why I had recommended IISCrypto on your last question. While you can use the registry, you are making things unnecessarily hard in doing so.

<div>
<div class="content wysiwyg-content">
I would like to find a way to see which security protocols/ciphers are being used with IIS 6 on our windows 2008r2 server.<br />
Where is the right place in the registry, or IIS to look for these settings?<br />
<br />
Thanks,
</div>
</div>


I would like to find a way to see which security protocols/ciphers are being used with IIS 6 on our windows 2008r2 server.
Where is the right place in the registry, or IIS to look for these settings?

Thanks,

How do I find out which security protocols are being used on a windows 2008 R2 IIS server?

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.

Windows OS

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.