Jump to content

Internet protection module: 1181


Go to solution Solved by BDeep,

Recommended Posts

  • ESET Insiders
Posted

Any update on when Internet Protection Module 1181 will be released? Looking for TLS 1.2 support.

  • Administrators
Posted

I'm sorry but I don't understand. TLS 1.2 has been supported for ages. The latest version of the Internet protection module on pre-release servers is 1226.26.

  • ESET Insiders
Posted (edited)

Referring to this thread: https://forum.eset.com/topic/4234-ssl-inspection-tls-12-support/

Production release, not pre-release, ESET Endpoint Security 6.3.2016.0 is using Internet Protection Module 1173.16 with a build date of 17 March 2016.

 

Visiting https://browsercheck.qualys.com shows that ESET SSL Filter CA verified the site, but stepped the security down to TLS 1.0.

Visiting https://browsercheck.qualys.com from an ESET computer not doing SSL inspection shows that the site was verified by Qualsys Inc. and is using TLS 1.2.

Edited by BDeep
  • Administrators
Posted

Could you please post a screen shot of the warning you get from Qualys? I don't see any and have EES 6.3 installed and SSL scanning enabled:

 

post-10-0-80416900-1460116528_thumb.png

 

  • ESET Insiders
Posted

Not really an error, per-say. Just that with ESET SSL inspection on, it appears that traffic is stepping down to TLS 1.0. I can fire up Wireshark if you want packet data but the two pictures below might be enough.

 

With SSL inspection off, Chrome reports a TLS 1.2 certificate.

post-9961-0-49328600-1460165325_thumb.png

 

 

With SSl inspection on, Qualys reports a TLS 1.0 certificate signed by ESET.

 

post-9961-0-33186000-1460165367_thumb.png

  • Administrators
Posted

What operating system did you test it on? It could be a known issue of Schannel which picks a less secure protocol despite getting the information from us that newer ones are supported as well. I tested it on Windows 10 so maybe Microsoft has already addressed that issue.

 

post-10-0-38213900-1460462621_thumb.png

  • ESET Insiders
Posted

What operating system did you test it on? It could be a known issue of Schannel which picks a less secure protocol despite getting the information from us that newer ones are supported as well. I tested it on Windows 10 so maybe Microsoft has already addressed that issue.

 

attachicon.gifv9_tls12.png

 

Windows 7 32bit Enterprise for the screenshots.

I just looked at my 8.1 Enterprise laptop and it shows TLS 1.0 verified by ESET.

 

Both of these machines are domain joined and getting GPOs. In IE, looking at admin-managed settings, I have use "TLS 1.0", "TLS 1.1", and "TLS 1.2" enabled (forced via GPO).

 

Based on this and your reply, if a site only supports 1.2 only, ESET will still establish the connection to site, correct?

  • ESET Insiders
Posted

Here is a real world example. Our communications folks cannot access Verizon Business Enterprise portal. No SSL inspection: flies without issue. ESET SSL inspection: no access whatsoever.

 

https://myverizonenterprise.verizon.com/.

 

Specifically, the site uses only TLS 1.2 and does not support renegotiation. https://www.ssllabs.com/ssltest/analyze.html?d=myverizonenterprise.verizon.com

 

 

vec-tls-1.2-update-en_xg.pdf

  • ESET Insiders
Posted

Hmmm. Crickets. :P

 

Any updates?

  • Administrators
Posted

No problems here:

 

post-10-0-33082100-1460735805_thumb.png

 

post-10-0-95231600-1460735807_thumb.png

 

Any chance of arranging a remote session and checking it out myself?

  • ESET Insiders
Posted (edited)

No problems here:

 

attachicon.gifverizon1.png

 

attachicon.gifverizon2.png

 

Any chance of arranging a remote session and checking it out myself?

 

You still on Windows 10 with that screenshot?

This is a 5000+ Windows enterprise with 7 and 8.1 Enterprise editions. Can't just refresh to Windows 10 overnight. :o

 

Yes on the remote session. Can you PM me or work with me via email to set something up?

Edited by BDeep
  • 2 weeks later...
  • ESET Insiders
  • Solution
Posted

It appears that Internet Protection Module 1226.29 with a build date of 07 April 2016 has been installed. After this program update, the websites mentioned above as well as many others with TLS 1.2 only on Windows 7 and Windows 8.1, are loading correctly. I see the ESET certificate, previously using TLS 1.0 and causing errors, now using TLS 1.2 and loading fine.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...