Verify the Cipher used by the DLP Detection Appliance for communication to the Enforce server?

search cancel

Verify the Cipher used by the DLP Detection Appliance for communication to the Enforce server?

book

Article ID: 272908

calendar_today

Updated On:

Products

Data Loss Prevention API Detection for Developer Apps Virtual Appliance Data Loss Prevention API Detection Virtual Appliance Data Loss Prevention Network Prevent for Web Virtual Appliance Data Loss Prevention Network Prevent for Email Virtual Appliance

Issue/Introduction

We need to have be able to verify the cipher used by the Detection Appliance for internal compliance purpose or to obtain an exception for using the hardcoded cipher.

Environment

Release : 15.8, 16.0

Resolution

You can use openssl or nmap to connect to the appliance port (8110/tcp) to determine the cipher.

Any of these will work:

nmap -Pn --script ssl-enum-ciphers -p 8110 appliance_IP

openssl s_client -connect appliance_IP:8110 </dev/null

Replace appliance_IP with the IP of the appliance.

Additional Information

Article Id:270394 - Does modifying the SSLcipherSuite in the MonitorController.properties file impact the Detection API Appliance

Feedback

thumb_up Yes

thumb_down No