AnsweredAssumed Answered

Does the ESRI license manager 2019.1 use TLS 1.2.  If so, can it be disabled?

Question asked by asgibson2 on May 14, 2020
Latest reply on May 14, 2020 by randall_williams-esristaff

From my IT person:

 

Last week we updated the license manager server, to improve security and comply with the Office of Information System Security’s (OISS) standards. The tasks performed turned off a web protocol called TLS 1.x and disabled or removed several encryption ciphers known to be vulnerable. Once this task was completed, OISS scanned the server again and still found vulnerabilities related to the old protocol and ciphers. They believe this may be a result of other applications running on the server, such as the license managers.

 

Can you confirm with the application vendors that the version of the software we have installed no longer uses the TLS 1.x protocol and has the most up-to-date cipher suites? If they are/do, could you find out how to disabled and/or remove them?

Outcomes