How to Disable the SSLv3 Protocol and the RC4-based SSL Cipher Suites on the TCPS end-point on Audit Vault Server and Database Firewall (Doc ID 1987232.1)

Last updated on APRIL 05, 2016

Applies to:

Oracle Audit Vault and Database Firewall - Version 12.1.2.4 and later
Information in this document applies to any platform.


Note:

This note applies to Oracle Audit Vault and Database Firewall only for the following upgrade scenarios:

- systems upgraded from 12.1.2.3 or earlier to 12.1.2.4 or later
- systems upgraded from 12.1.2.3 or earlier to any version of 12.2.

Fresh installs of 12.1.2.4 and any later version of 12.1.2 and 12.2 are not vulnerable to Poodle.

Goal

The steps presented in this note are to be performed on the Oracle Audit Vault and Database Firewall Server ONLY.

 

By following the steps outlined in the note, you will secure your Audit Vault and Database Firewall Server by disabling the SSLv3 protocol and the RC4-based SSL cipher suites. The note is applicable for Oracle Audit Vault and Database Firewall systems upgraded in the scenarios listed above only after making sure that all the agents that communicate with the server are upgraded to 12.1.2.4.0 or later as well.

 

 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms