TLS ROBOT Vulnerability

Document ID : KB000076590
Last Modified Date : 06/04/2018
Show Technical Document Details
Introduction:
Networking team is upgrading the Netscalar Load Balancer from code 10.5 63.8.nc to 11.1 56.19.nc, because of the amber vulnerability alert reported for TLS ROBOT. These LBs are front ending various Siteminder components such as federation web server, reverse proxy, and SharePoint Agent server. I would like to check if CA is aware of any compatibility issues or any specific configuration that need to be taken care of to ensure this upgrade does not break any of the Siteminder services.Ā 
Instructions:
This vulnerability calls for disabling of all RSA ciphers. Need to assure at least one common non-RSA cipher between load balancers and Siteminder components.