How to Disable the SSLv3 Protocol and the RC4-based SSL Cipher Suites on the TCPS end-point on Audit Vault Server and Database Firewall
(Doc ID 1987232.1)
Last updated on DECEMBER 19, 2019
Applies to:Oracle Audit Vault and Database Firewall - Version 126.96.36.199 and later
Generic (Platform Independent)
This note applies to Oracle Audit Vault and Database Firewall only for the following upgrade scenarios:
- systems upgraded from 188.8.131.52 or earlier to 184.108.40.206 or later
- systems upgraded from 220.127.116.11 or earlier to any version of 12.2.
Fresh installs of 18.104.22.168 and any later version of 12.1.2 and 12.2 are not vulnerable to Poodle.
The steps presented in this note are to be performed on the Oracle Audit Vault and Database Firewall Server ONLY.
By following the steps outlined in the note, you will secure your Audit Vault and Database Firewall Server by disabling the SSLv3 protocol and the RC4-based SSL cipher suites. The note is applicable for Oracle Audit Vault and Database Firewall systems upgraded in the scenarios listed above only after making sure that all the agents that communicate with the server are upgraded to 22.214.171.124.0 or later as well.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document