Check the OpenSSL version in the IMSVA root console:
# openssl version

IMSVA_External Scan findings 
E1. Medium SSL Medium Strength Cipher Suites Supported (SWEET32)
E2. Medium TLS Version 1.0 Protocol Detection

Procedures:

A - For Admin UI and EUQ UI

1. Login to IMSVA via ssh as root.

2. Edit the widget.conf file to disable 3DES, TLS1 and TLSv1.1
# cp /opt/trend/imss/UI/php/conf/widget.conf /opt/trend/imss/UI/php/conf/widget.conf.bak
# vi /opt/trend/imss/UI/php/conf/widget.conf

Edit SSLProtocol and SSLCipherSuite as follows:

SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ALL:!ADH:!RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXP:!3DES:!TLSv1

3. Save with :wq!

4. Edit the EUQ.conf file:
# cp /opt/trend/imss/UI/euqUI/conf/server.xml /opt/trend/imss/UI/euqUI/conf/server.xml.bak
# vim /opt/trend/imss/UI/euqUI/conf/server.xml

Find the ciphers below to make sure that all 3DES cipher are removed (Red strings).

ciphers="TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_CK_DES_192_EDE3_CBC_WITH_MD5,TLS_RSA_WITH_NULL_SHA256,TLS_RSA_WITH_NULL_SHA"

Before removal - opt/trend/imss/UIeuqUI/conf/server.xml


After removal - opt/trend/imss/UIeuqUI/conf/server.xml


5. Again save with :wq!
6. Restart both Web console and EUQ services:
# S99ADMINUI restart
# S99EUQ restart

B - For MTA

1. Login to IMSVA via ssh as root.

2. Edit the main.cf file by running the commands below. Make sure "RC4" "3DES" specified in smtpd_tls_exclude_ciphers value.
# cp /opt/trend/imss/postfix/etc/postfix/main.cf /opt/trend/imss/postfix/etc/postfix/main-backup.cf.bak
# postconf -e 'smtp_tls_exclude_ciphers = EXPORT, LOW, aNULL, RC4, 3DES'
# postconf -e 'smtpd_tls_exclude_ciphers = EXPORT, LOW, aNULL, RC4, 3DES'
# postconf -e 'smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1'
# postconf -e 'smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1'
# postconf -e 'smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1'
# postconf -e 'smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1'

3. Reload/restart postfix service by typing:
# postfix reload
# service postfix restart