Forum Discussion

truongh_36312's avatar
truongh_36312
Icon for Nimbostratus rankNimbostratus
Dec 24, 2014

How to mitigate the SSLv3 vulnerability on server side

we have bigip ltm version 10.2.3. we want to mitigate the SSLv3 on the server (not on F5) because SSL sessions for SSLv3 do not terminate on the F5 Bigip appliances. Any info or reply is appreciated. Thanks in advance.

 

3 Replies

  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    Dec 24, 2014

    it depends on your servers, determine their OS / type and google how to turn off certain SSL versions / ciphers.

     

  • truongh_36312's avatar
    truongh_36312
    Icon for Nimbostratus rankNimbostratus
    Dec 24, 2014

    oh, you mean in this case, to mitigate sslv3 vulnerability we terminate it in server only and not relate to F5 bigip ltm. thanks

     

  • Brad_Parker's avatar
    Brad_Parker
    Icon for Cirrus rankCirrus
    Dec 26, 2014

    If you are doing SSL straight through to the server, the LTM does not affect SSL. All SSL vulnerabilities and configuration would be at the webserver(except for the management interface of the device itself.)