ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Does the ProxySG appliance support secure client-initiated renegotiation?
Article ID: 168260
Updated On:
Products
ProxySG Software - SGOS
Issue/Introduction
The ProxySG appliance supports secure client-initiated renegotiation and rate shapes it so that if a third attempt at renegotiation fails, it is dropped
Resolution
The ProxySG appliance supports secure client-initiated renegotiation and rate shapes it so that if a third attempt at renegotiation fails, it is dropped. See the following security advisory for more information:
https://support.symantec.com/en_US/article.SYMSA1280.html
When a renegotiation request from a client comes in, the appliance drops the connection to the client after the second renegotiation request is successfully negotiated in the SSL handshake.
In essence, the appliance is not vulnerable to this DDOS attack.
Feedback
Yes
No
Powered by
