Low Transport Layer Security scoring and other questions
Posted: Mon May 22, 2017 3:01 pm
Hi
I am evaluating TsPlus 10.30.5.15 installed on Windows Server 2012 R2.
I have some concerns about the scoring rated "F" received by SSL Labs Online Testing Tool, received with a 'out of the box' installation.
Using the SSL Cipher Selection Tool I disabled the weak ciphers, but however the rating "F" received warns that there are no support for TLS 1.1 nor 1.2, there is no Key Exchange support, server is vulnerable to POODLE and FREACK attacks.
A) There is a way to mitigate this situation to receive an "A" score as stated in http://www.terminalserviceplus.com/docs/ciphers-suites ?
B) Is the communication between application servers and reverse-proxy server secure?
C) What are the maximum number of servers/connections (to the application servers behind) that the proxy is able to manage?
D) I see a bunch of threads (about 150) started by HTML5Service.exe; is the maximum number of connections limited by this number?
Thank you.
I am evaluating TsPlus 10.30.5.15 installed on Windows Server 2012 R2.
I have some concerns about the scoring rated "F" received by SSL Labs Online Testing Tool, received with a 'out of the box' installation.
Using the SSL Cipher Selection Tool I disabled the weak ciphers, but however the rating "F" received warns that there are no support for TLS 1.1 nor 1.2, there is no Key Exchange support, server is vulnerable to POODLE and FREACK attacks.
A) There is a way to mitigate this situation to receive an "A" score as stated in http://www.terminalserviceplus.com/docs/ciphers-suites ?
B) Is the communication between application servers and reverse-proxy server secure?
C) What are the maximum number of servers/connections (to the application servers behind) that the proxy is able to manage?
D) I see a bunch of threads (about 150) started by HTML5Service.exe; is the maximum number of connections limited by this number?
Thank you.