How to Disable the SSLv3 Protocol and the RC4-based SSL Cipher Suites on the TCPS end-point on Audit Vault Server and Database Firewall
(Doc ID 1987232.1)
Last updated on OCTOBER 24, 2017
Applies to:Oracle Audit Vault and Database Firewall - Version 220.127.116.11 and later
Information in this document applies to any platform.
This note applies to Oracle Audit Vault and Database Firewall only for the following upgrade scenarios:
- systems upgraded from 18.104.22.168 or earlier to 22.214.171.124 or later
- systems upgraded from 126.96.36.199 or earlier to any version of 12.2.
Fresh installs of 188.8.131.52 and any later version of 12.1.2 and 12.2 are not vulnerable to Poodle.
The steps presented in this note are to be performed on the Oracle Audit Vault and Database Firewall Server ONLY.
By following the steps outlined in the note, you will secure your Audit Vault and Database Firewall Server by disabling the SSLv3 protocol and the RC4-based SSL cipher suites. The note is applicable for Oracle Audit Vault and Database Firewall systems upgraded in the scenarios listed above only after making sure that all the agents that communicate with the server are upgraded to 184.108.40.206.0 or later as well.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document