Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
nigelhooper
New Contributor

How can I improve the security of the SSL offload in Fortios 5.2?

Hi,

  I am trying improve the security of the SSL offload that is running our website.  Our web host is trying struggling to find the correct settings and so I thought I would ask here.  The firewall is an 80C running Fortios 5.2.5 SSLLabs has reported the following problems which I I would like to address:

Secure ClientInitiated Renegotiation Supported DoS DANGER

Downgrade attack prevention No, TLS_FALLBACK_SCSV not supported

Forward Secrecy With some browsers

TLS 1.2 not enabled

I have looked through the ‘CLI Reference for FortiOS 5.2’ and found the ‘ssl-server’ secrtion on page 842 but this doesn’t cover everything, is there anywhere else that I should be looking?

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors