Transport Layer Security (TLS) can be critical for security, but it must be deployed in a current version. Microsoft now provides a mechanism for administrators to guarantee the right version in their network.
Transport Layer Security (TLS) is an important network security component with a critical caveat: TLS 1.0, introduced in 1999, has been deprecated and is no longer considered secure. TLS 1.3 is the current version, though millions are still using TLS 1.2. Now, Microsoft has introduced TLS version enforcement on Windows Server 2019 in a move that should help companies avoid inadvertently deploying TLS 1.0.
According to Microsoft, beginning with KB4490481, Windows Server 2019 allows customers to block weak TLS versions from being used with individual customer-designated certificates. The feature, called "Disable Legacy TLS," allows administrators to enforce a minimum TLS version and cipher suite for any certificate in use.
If administrators are worried about their customers or users that may still be deploying TLS 1.0, they can divide the traffic by TLS version, with one stream using TLS 1.2 or higher and the other using TLS 1.0, and both streams going to destinations on a single server.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "The Etiquette of Respecting Privacy in the Age of IoT."
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024