Controlling ciphers that the Deep Security Manager (DSM) console uses

- Updated:
- 18 Aug 2017
- Product/Version:
- Deep Security 10.0
- Deep Security 10.1
- Deep Security 10.2
- Deep Security 10.3
- Platform:
- Windows 2000 Advanced Server
- Windows 2000 Datacenter Server
- Windows 2000 Professional
- Windows 2000 Server
- Windows 2000 Small Business Server
- Windows 2003 Compute Cluster Server
- Windows 2003 Datacenter Server
- Windows 2003 Datacenter Server Edition 64-bit
- Windows 2003 Enterprise Server
- Windows 2003 Home Server
- Windows 2003 Small Business Server
- Windows 2003 Standard Server Edition
- Windows 2003 Standard Server Edition 64-bit
- Windows 2003 Storage Server
- Windows 2003 Web Server Edition
- Windows 2008 Datacenter Server
- Windows 2008 Datacenter Server Edition 64-bit
- Windows 2008 Enterprise Server
- Windows 2008 Enterprise Server Edition 64-bit
- Windows 2008 Essential Business Server
- Windows 2008 Small Business Server
- Windows 2008 Standard Server Edition
- Windows 2008 Standard Server Edition 64-bit
- Windows 2008 Storage Server
- Windows 2008 Web Server Edition
- Windows 2008 Web Server Edition 64-bit
- Windows 7 32-bit
- Windows 7 64-bit
- Windows NT 4.0 Server
- Windows NT 4.0 Workstation
- Windows Vista 32-bit
- Windows Vista 64-bit
- Windows XP Home
- Windows XP Professional
- Windows XP Professional 64-bit

Summary

The Deep Security Manager console supports both strong and weak ciphers, but some customers require using only the strong ciphers.

This article explains how you can remove support for the ciphers that are not allowed in your network.

Details

You can control which ciphers the DSM console should support by modifying the configuration.properties file. Do the following:

From the DSM server, open the C:\Program Files\Trend Micro\Deep Security Manager\configuration.properties file.
Add the following line:
ciphers=SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
Remove the ones that you do not want to support.
Save and close the file.
Restart the Trend Micro Deep Security Manager service.

Rating:

Category:

Configure

Solution Id:

1056573

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.