- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- Re: ProCurve TLS Support
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2016 07:13 AM
09-03-2016 07:13 AM
ProCurve TLS Support
Hello,
Three questions:
1.) Does there exist a reference matrix depicting the TLS level supported by various HP switches?
2.) It appears, even with the latest firmware, that the HP 2810-48G (J9022A) does not support anything later than TLS 1.0 Can someone confirm this?
3.) Is there any determinant, other than simply the decision not to implement it in firmware, for which a given switch does not offer the latest TLS support?
Thank You,
Dale
- Tags:
- SSL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2016 11:45 AM
09-06-2016 11:45 AM
Re: ProCurve TLS Support
Howdy,
I am sure if you speak to your local HPE/Aruba presales contact they would be able to find out the latest and greatest versions of TLS supported if you gave them the models that you have currently deployed in your Enterprise.
If you have a 2810 it is probably well worth bringing up to date on a regular basis just as proactive defence against bugs. There is new firmware as of August 2016 - might be worth a look. The 2810 started life in about 2007 and only went End of Sale just over three years ago so it still has a little while yet before the "end of Engineering support" date.
Pure supposition - Maybe the chipset doesn't support hardware acceleration of more recent ciphers and protocols and maybe the performance would have been impacted and that's why ultimately that line turned into the 2530 series? It did put in a six year tour of duty which is more than most :-)
If you absolutely need to access the Web Management in a secure manner to pass an audit or suchlike, have you looked into putting a gateway box at the head of your switch management network (making it not accessible via any other means) and build a simple SSH tunnel or VPN service (linux based appliance or VM?) to access the devices.
Alternatively put a network management server (IMC?) in front of the infrastructure, disable telnet etc and talk to the switches using only ssh and SNMPv3.
Hope that gives you some ideas. Don't be afraid of the "Kudos" and "solved" buttons if you are reading these forums and find a post helpful / informative / amusing.
Let us know what you find out and, if needed, what steps you plan to take to meet the audit requirement.
Thanks
Ian
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Edam!
Tweets: @2techie4me