CA Single Sign On Secure Proxy Server (SiteMinder)AXIOMATICS POLICY SERVERCA Single Sign On SOA Security Manager (SiteMinder)CA Single Sign-On
Issue/Introduction
Networking team is upgrading the Netscalar Load Balancer from code 10.5 63.8.nc to 11.1 56.19.nc, because of the amber vulnerability alert reported for TLS ROBOT. These LBs are front ending various Siteminder components such as federation web server, reverse proxy, and SharePoint Agent server. I would like to check if CA is aware of any compatibility issues or any specific configuration that need to be taken care of to ensure this upgrade does not break any of the Siteminder services.
Environment
Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus Component:
Resolution
This vulnerability calls for disabling of all RSA ciphers. Need to assure at least one common non-RSA cipher between load balancers and Siteminder components.