How to Disable the SSLv3 Protocol and the RC4-based SSL Cipher Suites on the TCPS end-point on Audit Vault Server and Database Firewall
Last updated on OCTOBER 24, 2017
Applies to:Oracle Audit Vault and Database Firewall - Version 126.96.36.199 and later
Information in this document applies to any platform.
This note applies to Oracle Audit Vault and Database Firewall only for the following upgrade scenarios:
- systems upgraded from 188.8.131.52 or earlier to 184.108.40.206 or later
- systems upgraded from 220.127.116.11 or earlier to any version of 12.2.
Fresh installs of 18.104.22.168 and any later version of 12.1.2 and 12.2 are not vulnerable to Poodle.
The steps presented in this note are to be performed on the Oracle Audit Vault and Database Firewall Server ONLY.
By following the steps outlined in the note, you will secure your Audit Vault and Database Firewall Server by disabling the SSLv3 protocol and the RC4-based SSL cipher suites. The note is applicable for Oracle Audit Vault and Database Firewall systems upgraded in the scenarios listed above only after making sure that all the agents that communicate with the server are upgraded to 22.214.171.124.0 or later as well.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms