Impact of disable weak cipher on port 443, 3389, 5986
search cancel

Impact of disable weak cipher on port 443, 3389, 5986

book

Article ID: 247149

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

As flagged in the security audit, ports 443, 3389, and 5986 are using cipher suite TLS_RSA_WITH_AES_256_GCM_SHA384. Will there be any impact on the communication between UIM infra and probes if I disable this cipher suite at the host level?

Environment

Release : 20.4
Component : UNIFIED INFRASTRUCTURE MGMT

Resolution

UIM does not have its own ciphers. It relies on OS level ciphers only. Some probes have the option to provide the preferable ciphers but all should be available at OS level. 

We do not verify each and every ciphers at OS level and UIM just use them. So, as long as there are other ciphers that UIM can use, it is fine.