Disable RC4 and DES on SPE

Article ID: 267152


Products

Protection Engine for Cloud Services

Issue/Introduction

On the Symantec SPE server, vulnerability CVE-2016-2183 has been identified, and the suggested solution is to disable RC4 and 3DES. Is it possible to disable these protocols on the server without disruption or malfunctioning between the proxy and this server? If yes, how can they be disabled?

Environment

Release : 8.2.2

Resolution

1. To disable RC4 and 3DES, open the Command Prompt, type regedit and press Enter, remove the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002, and then restart the server.

2. However, vulnerability CVE-2016-2183 refers to the OpenSSL implementation of the SSLv2 protocol, and SPE does not support SSLv2, an older and insecure version of the SSL/TLS protocol, for UI communication. See also: Is Symantec Protection Engine (SPE) for CS/NAS affected by CVE-2016-0800 (DROWN) vulnerability?

Note:

  • It's recommended to ensure that SSLv2 is disabled on the affected system, update OpenSSL to a version that includes the fixes for the DROWN vulnerability (for example, OpenSSL version 1.0.2g), revoke weak SSL certificates, and make sure your system uses a secure encryption protocol such as TLS 1.2 or higher.
  • Disabling RC4 and 3DES should not affect SPE as they are considered weak encryption algorithms and are not recommended for use in secure communication. However, it is always recommended to test the impact of any changes made to the system in a test environment before implementing them in a production environment.
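
To support step 1 and the test-first recommendation above, the following PowerShell is an added example, not Symantec or Microsoft code: it backs up the registry key before it is removed, lists any RC4/DES/3DES suite names in the key's Functions value, and reports which such suites are still enabled. It assumes an elevated session, a backup file under %TEMP%, and Get-TlsCipherSuite being available (Windows Server 2016 or later).

```powershell
# Added example (not vendor code). Run in an elevated PowerShell session on the SPE server.
$regKey  = 'HKLM\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002'
$psKey   = 'HKLM:\' + $regKey.Substring(5)                      # same key, PowerShell provider form
$backup  = Join-Path $env:TEMP 'schannel-00010002-backup.reg'   # assumed backup location
$weakPat = 'RC4|3DES|_DES_'   # markers for RC4, 3DES and single-DES suite names

function Select-WeakSuite {
    param([string[]]$Name)
    # Accept multi-string or comma-separated lists; keep only names with a weak-cipher marker.
    @($Name) -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ -match $weakPat }
}

# --- Before the change: back up the key and show what it currently configures ---
if (Test-Path $psKey) {
    reg.exe export $regKey $backup /y | Out-Null   # restore later with: reg.exe import <file>
    if ($LASTEXITCODE -ne 0) { throw "Backup of $regKey failed; not safe to proceed." }
    $configured = (Get-ItemProperty -Path $psKey).Functions   # configured cipher-suite order
    $weak = @(Select-WeakSuite -Name $configured)
    Write-Host "Backup written to $backup"
    Write-Host "Weak suites listed in the key: $($weak.Count)"
    $weak | ForEach-Object { Write-Host "  $_" }
} else {
    Write-Host 'Key not present; nothing to back up.'
}

# --- After the restart: list weak suites that are still enabled ---
# Get-TlsCipherSuite ships with Windows Server 2016 / Windows 10 and later.
if (Get-Command Get-TlsCipherSuite -ErrorAction SilentlyContinue) {
    $enabled = @(Select-WeakSuite -Name (Get-TlsCipherSuite).Name)
    if ($enabled.Count -eq 0) {
        Write-Host 'No RC4/DES/3DES cipher suites are enabled.'
    } else {
        Write-Warning "Still enabled: $($enabled -join ', ')"
    }
} else {
    Write-Host 'Get-TlsCipherSuite is not available on this OS; verify the result by other means.'
}
```

Run it once before removing the key and again after the restart; the final section of the second run shows whether the change took effect.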

 

For more information or any further questions, reach out to Microsoft Support.