cancel
Showing results for 
Search instead for 
Did you mean: 

disable SSL and use TLS only on Prognosis 10.3

IR Partner
IR Partner

disable SSL and use TLS only on Prognosis 10.3

On Prognosis 10.3 with SQL 2012, Prognosis Web Session Recorder 1.0.0.0, SCOM Agent on Windows 2012R2, is it able to disable SSL and use TLS only. Will there any affection or impact to the system. 

1 ACCEPTED SOLUTION

Accepted Solutions

Re: disable SSL and use TLS only on Prognosis 10.3

Hello PL,

 

Prognosis 10.3 has several dependencies on TLS 1.0. Disabling SSL or TLS versions will impact the function of this Prognosis version.

 

In early versions of Prognosis 11 TLS 1.0 was disabled. There have been several other SSL and TLS changes in Prognosis over time to address weak and vulnerable security ciphers and protocols.

 

Environments implementing SSL and TLS security measures while using earlier versions of Prognosis encountered Prognosis issues because the earlier versions of Prognosis depended on some of the disabled protocols.

 

The recommendation is to

  1. Upgrade to Prognosis 11.6 or 11.7 first.
    - FIPS compliance can also be enabled to increase the security level Prognosis uses.
  2. After the Prognosis upgrade (and possibly enabling FIPS), then the options for disabling some SSL and TLS protocols can be pursued.

 

Since Prognosis 10.3 is already at End of Life, the recommendation is to contact the Account Manager about using a Professional Services Organization engagement to ensure a successful upgrade to a current Prognosis version.

 

Thank you,
Scott Baldwin

 

View solution in original post

1 REPLY 1

Re: disable SSL and use TLS only on Prognosis 10.3

Hello PL,

 

Prognosis 10.3 has several dependencies on TLS 1.0. Disabling SSL or TLS versions will impact the function of this Prognosis version.

 

In early versions of Prognosis 11 TLS 1.0 was disabled. There have been several other SSL and TLS changes in Prognosis over time to address weak and vulnerable security ciphers and protocols.

 

Environments implementing SSL and TLS security measures while using earlier versions of Prognosis encountered Prognosis issues because the earlier versions of Prognosis depended on some of the disabled protocols.

 

The recommendation is to

  1. Upgrade to Prognosis 11.6 or 11.7 first.
    - FIPS compliance can also be enabled to increase the security level Prognosis uses.
  2. After the Prognosis upgrade (and possibly enabling FIPS), then the options for disabling some SSL and TLS protocols can be pursued.

 

Since Prognosis 10.3 is already at End of Life, the recommendation is to contact the Account Manager about using a Professional Services Organization engagement to ensure a successful upgrade to a current Prognosis version.

 

Thank you,
Scott Baldwin

 

View solution in original post