

If a malicious user were to create a connection to your system over a communications channel that uses weak cipher suites, this person could exploit the known weaknesses in these suites to put your system and information at risk. Here is a sample site-level configuration: Each SSL info field is a hexadecimal number that maps to either a secure protocol version or cipher suite algorithm. For an HTTP plain-text request, all four fields will be logged as '-'. A sample log and explanation of the new fields follows: For more information visit Official Microsoft Documentation for Custom Logging Fields in IIS. Enabling strong cipher suites allows you to be certain that all of the communications to and from your Deep Security components are secure. The custom logging can be configured on either server level or site level.

To enable this new functionality, these four server variables need to be configured as the sources of the custom fields in the IIS config. With the addition of the new custom logging fields detailed below, you will be able to quantify the usage of outdated security protocols and ciphers by clients connecting to your services.

IIS logs can already be used to correlate client IP address, user agent string, and service URI. This post is authored by Andrew Marshall, Principal Security Program Manager, TwC Security, Yanbing Shi, Software Engineer, Internet Information Services Team, and Sourabh Shirhatti, Program Manager, Internet Information Services Team. As a follow-up to our announcement regarding TLS 1.2 support at Microsoft, we are announcing new functionality in Windows Server 2012 R2 and Windows Server 2016 to increase your awareness of clients connecting to your services with weak security protocols or cipher suites.

