Cisco Cisco Email Security Appliance X1070 Guía Del Usuario
33-58
Cisco AsyncOS 9.1 for Email User Guide
Chapter 33 System Administration
Changing Network Settings
Configuring SSL Settings
You can configure the SSL settings for the appliance using SSL Configuration Settings page or
sslconfig
command.
Procedure
Step 1
Click System Administration > SSL Configuration Settings.
Step 2
Click Edit Settings.
Step 3
Depending on your requirements, do the following:
•
Set GUI HTTPS SSL settings. Under GUI HTTPS, specify the SSL methods and ciphers that you
want to use.
want to use.
•
Set Inbound SMTP SSL settings. Under Inbound SMTP, specify the SSL methods and ciphers that
you want to use.
you want to use.
•
Set Outbound SMTP SSL settings. Under Outbound SMTP, specify the SSL methods and ciphers
that you want to use.
that you want to use.
Note
You cannot enable SSL v2 and TLS v1 methods simultaneously. However, you can enable these
methods in conjunction with SSL v3 method.
methods in conjunction with SSL v3 method.
Step 4
Click Submit.
Step 5
Click Commit Changes.
Disabling SSLv3 for Enhanced Security
For enhanced security, you can disable SSLv3 for the following services:
•
Updater
•
URL Filtering
•
End User Quarantine
•
LDAP
Use the
sslv3config
command in CLI to enable or disable SSLv3 for the above services. The following
example shows how to disable SSLv3 for End User Quarantine.
mail.example.com> sslv3config
Current SSLv3 Settings:
--------------------------------------------------
UPDATER : Enabled
WEBSECURITY : Enabled
EUQ : Enabled
LDAP : Enabled
--------------------------------------------------
Choose the operation you want to perform:
- SETUP - Toggle SSLv3 settings.
[]> setup