Hi!
Our company recently hired a security consultant, which flagged our Omniswitch(es), in an audit, due to SSLv2/SSLv3 ciphers on our Omniswitch OS6450 and OS6350 switches.
According to
https://www.al-enterprise.com/en/-/med ... 82014.pdf
, "SSL 3.0 will be disabled in AOS software moving forward.", which makes me believe any firmware from 2015+ should have removed SSLv3 ciphers.
We upgraded to version 6.7.2.122 (6.7.2 R08) in January 2021, and have purchased numerous NEW switches since 2017. I have confirmed with nmap that SSLv3 cipers are still offered.. does anyone know how to remove SSLv3 cipers? I have access to docs, but cannot find a procedure to modify.
Thank you in advance!