Forum Discussion

Noel_C__180670
Dec 20, 2014

TLS1.x Padding Vulnerability Workaround and EAS

Hello, I'd like to employ the workaround described in SOL15882 where I'll have to create a custom cipher string using RC4-SHA ciphers. The SOL states "clients that do not support the RC4-SHA cipher will fail to establish a connection to the virtual server". Our virtual server is where our Exchange Active Sync (EAS) clients connect to. I would like to know which EAS clients, if any, would be impacted by this change. Any advice would be greatly appreciated!

 

  • RC4 has been around quite a while and I don't think any devices have deprecated it yet. If a device doesn't support it, it would more likely be because it was disabled by the user or a policy. It's usually a pretty safe bet that the user will not have disabled RC4. I would however recommend patching sooner rather than later, as RC4 is considered to be weak at this point and will soon be considered insecure.

     

  • I agree with Brad, I would expect RC4 to be pretty broadly supported. But do remember that using RC4 is not advised by a large group, and I suspect the support is going to go away pretty soon.

    So plan that upgrade sooner than later.

     

  • Thanks guys. I plan on upgrading to the latest and greatest within the next several weeks!