ProxySG - How to disable export grade ciphers to prevent FREAK attack.

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

For SGOS releases prior to 7.2, they are vulnerable in all SSL/TLS interfaces. Export grade ciphers are enabled by default but can be disabled.

The possible reference to Disable to Disallow other ciphers are well

Resolution

For SGOS 7.2 and later, please refer to the SSL Proxy Best Practices Guide.

For SGOS releases prior to 7.2, change configuration settings to disallow export-grade ciphers for HTTPS Console ( and/or HTTPS Reverse Proxies), SSL Device Profiles, and SSL Client Configuration by CLI. For SSL Forward Proxy, disallow export ciphers through policy.

Sample CLI commands and policy

For HTTPS Console ( and/or HTTPS Reverse Proxies )

If using HTTPS Reverse Proxies, do same operation to HTTPS Reverse Proxies service as well.
.....
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config)management-services
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config management-services)edit HTTPS-Console
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config HTTPS-Console)view
Service Name:   HTTPS-Console
Service:        HTTPS-Console
Attributes:     <None>
Keyring: default
SSL Protocol version: tlsv1 tlsv1.1 tlsv1.2
CA Certificate List: <All CA Certificates>
Cipher Suite: aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha exp-des-cbc-sha exp-rc4-md5 exp-rc2-cbc-md5
Destination IP    Port Range
<All>             8082              Enabled
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config HTTPS-Console)attribute cipher-suite aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha
ok
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config HTTPS-Console)view
Service Name:   HTTPS-Console
Service:        HTTPS-Console
Attributes:     <None>
Keyring: default
SSL Protocol version: tlsv1 tlsv1.1 tlsv1.2
CA Certificate List: <All CA Certificates>
Cipher Suite: aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha
Destination IP    Port Range
<All>             8082              Enabled
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config HTTPS-Console)
.....

(For HTTPS Reverse Proxy)

.....
Blue Coat SG300 Series#(config)proxy-services
Blue Coat SG300 Series#(config proxy-services)edit "reverse-proxy-service-name"
Blue Coat SG300 Series#(config "reverse-proxy-service-name")view
Service Name: "reverse-proxy-service-name"
Service Group: Reverse Proxy
Proxy: HTTPS Reverse Proxy
Attributes: use-adn, adn-byte-cache, adn-compress, byte-cache-priority normal, early-intercept
Keyring: default
SSL Protocol version: tlsv1 tlsv1.1 tlsv1.2
CA Certificate List: <All CA Certificates>
Cipher Suite: ecdhe-rsa-aes128-sha256 ecdhe-rsa-aes128-gcm-sha256 ecdhe-rsa-aes128-sha ecdhe-rsa-aes256-sha ecdhe-rsa-rc4-sha aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha exp-des-cbc-sha exp-rc4-md5 exp-rc2-cbc-md5
Source IP Destination IP Port Range Action
<All> XXX.XXX.XXX.XXX 443 Intercept

.....
Below is the steps to remove low, middle and export strength cipher suite for your reference
.....

Blue Coat SG300 Series#(config "reverse-proxy-service-name")attribute cipher-suite
<< press enter to view all available cipher strength as per below >>

Cipher# Use Description Strength
------- --- --------------------------- --------
1 yes ECDHE-RSA-AES128-SHA256 High
2 yes ECDHE-RSA-AES128-GCM-SHA256 High
3 yes ECDHE-RSA-AES128-SHA High
4 yes ECDHE-RSA-AES256-SHA High
5 yes ECDHE-RSA-RC4-SHA Medium
6 yes AES128-SHA256 High
7 yes AES256-SHA256 High
8 yes AES128-SHA Medium
9 yes AES256-SHA High
10 yes DHE-RSA-AES128-SHA High
11 yes DHE-RSA-AES256-SHA High
12 yes DES-CBC3-SHA High
13 yes RC4-SHA Medium
14 yes RC4-MD5 Medium
15 yes DES-CBC-SHA Low
16 yes EXP-DES-CBC-SHA Export
17 yes EXP-RC4-MD5 Export
18 yes EXP-RC2-CBC-MD5 Export

Select cipher numbers to use, separated by commas: 1, 2, 3, 4, 6, 7, 9, 10, 11, 12, 13
ok
.....
View and you will see only the highstrengh cipher suite.
.....
Blue Coat SG300 Series#(config "reverse-proxy-service-name")view
Service Name: "reverse-proxy-service-n
Service Group: Reverse Proxy
Proxy: HTTPS Reverse Proxy
Attributes: use-adn, adn-byte-cache, adn-compress, byte-cache-priority normal, early-intercept
Keyring: default
SSL Protocol version: tlsv1 tlsv1.1 tlsv1.2
CA Certificate List: <All CA Certificates>
Cipher Suite: ecdhe-rsa-aes128-sha256 ecdhe-rsa-aes128-gcm-sha256 ecdhe-rsa-aes128-sha ecdhe-rsa-aes256-sha aes128-sha256 aes256-sha256 aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha
Source IP Destination IP Port Range Action
<All> XXX.XXX.XXX.XXX 443 Intercept
.....

For SSL Client Configuration

.....
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config)ssl
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config ssl)edit ssl-client default
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config ssl ssl-client default)view
SSL-Client: default
Keyring: <None>
CCL: browser-trusted
Protocol: tlsv1 tlsv1.1 tlsv1.2
Cipher suite: aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha exp-des-cbc-sha exp-rc4-md5 exp-rc2-cbc-md5
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config ssl ssl-client default)cipher-suite aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha
ok
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config ssl ssl-client default)view
SSL-Client: default
Keyring: <None>
CCL: browser-trusted
Protocol: tlsv1 tlsv1.1 tlsv1.2
Cipher suite: aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config ssl ssl-client default)
.....

For SSL Device Profiles

.....
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config)ssl
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config ssl)edit ssl-device-profile default
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config device-profile default)view
Name: default
Usable for: client
Keyring:
CCL: browser-trusted
Device-id: $(subject.CN)
Cipher suite: aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha exp-des-cbc-sha exp-rc4-md5 exp-rc2-cbc-md5
Protocol: tlsv1 tlsv1.1 tlsv1.2
Verify-peer: enabled
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config device-profile default)cipher-suite aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha
ok
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config device-profile default)view
Name: default
Usable for: client
Keyring:
CCL: browser-trusted
Device-id: $(subject.CN)
Cipher suite: aes128-sha256 aes256-sha256 aes128-sha aes256-sha dhe-rsa-aes128-sha dhe-rsa-aes256-sha des-cbc3-sha rc4-sha rc4-md5 des-cbc-sha
Protocol: tlsv1 tlsv1.1 tlsv1.2
Verify-peer: enabled
XXX.XXX.XXX.XXX - Blue Coat SG300 Series#(config device-profile default)
.....

For SSL Forward Proxy

add policy to disallow export level cipher through CPL or VPM

CPL

....
<SSL>
client.connection.negotiated_cipher.strength=(Export) exception(silent_denied)
client.connection.negotiated_cipher=(exp-des-cbc-sha,exp-rc4-md5,exp-rc2-cbc-md5)exception(silent_denied)
server.connection.negotiated_cipher.strength=(Export) exception(silent_denied)
server.connection.negotiated_cipher=(exp-des-cbc-sha,exp-rc4-md5,exp-rc2-cbc-md5) exception(silent_denied)
.....

When traffic matches policy such as the example above, the proxy denies the connection to the OCS without providing any user feedback.

The silent_denied exception causes a reset, terminating all further communication on the connection or stream.
Denying all low and medium strength ciphers might prevent communication with older clients and servers.

If this issue occurs, review the allowed ciphers and adjust the previous policy to enable appropriate ciphers for a successful legacy traffic flow; however, you should weigh the time and effort required to resolve the issue against the potential risk of using weak ciphers between the appliance and the user.

Alternatively, you can write policy that provides a reason for the denial to the user via an HTML exception page. Replace exception(silent_denied) with force_deny, such as:

client.connection.negotiated_cipher=(exp-des-cbc-sha,exp-rc4-md5,exp-rc2-cbc-md5)force_deny

In order for the user to receive the exception page, however, the proxy must encode the HTML with the weak cipher (the cipher the policy condition denied). Using weak ciphers is a vulnerability risk. In addition, security scanners may report the exception page as a weak cipher reply from the OCS, although the exception page was actually generated by the proxy. Security scanning results will indicate a failure to guard against weak ciphers.

VPM (add 4 deny rules in SSL Access Layer)

Rule 1
Source: Client Negotiated Cipher -> Check EXP-DEC-CBC-SHA, EXP-RC2-CBC-MD5 and EXP-RC4-MD5

Create an action called SilentDeny which will be used for all of the other rules:

Rule 2
Source: Client Negotiated Cipher Strength -> Check Export
Action: SilentDeny

Rule 3
Destination: Server Negotiated Cipher -> Check EXP-DEC-CBC-SHA, EXP-RC2-CBC-MD5 and EXP-RC4-MD5
Action: SilentDeny

Rule 4
Source: Server Negotiated Cipher Strength -> Check Export
Action: SilentDeny