SSL

Note

You must have administrator privileges and be in a leaf domain to perform this task.

You must make sure that you are running a fully licensed version of the Secure Firewall Management Center. The SSL Settings will be disabled if you are running Secure Firewall Management Center in evaluation mode. Additionally, the SSL Settings will be disabled when the licensed Secure Firewall Management Center version does not meet the export-compliance criteria. If you are using Remote Access VPN with SSL, your Smart Account must have the strong-crypto features enabled. For more information, see License Types and Restrictions in the Cisco Secure Firewall Management Center Administration Guide.

Procedure

Step 1

Select Devices > Platform Settings and create or edit a threat defense policy.

Step 2

Select SSL.

Step 3

Add entries to the Add SSL Configuration table.

  1. Click Add to create a new entry, or click Edit if the entry already exists.

  2. Select the required security configurations from the drop-down list .

  • Protocol Version—Specifies the TLS protocols to be used while establishing remote access VPN sessions.
  • Security Level—Indicates the kind of security positioning you would like to set up for the SSL.

Step 4

Select the Available Algorithms based on the protocol version that you select and click Add to include them for the selected protocol. For more information, see About SSL Settings.

The algorithms are listed based on the protocol version that you select. Each security protocol identifies unique algorithm for setting up the security level.

Step 5

Click OK to save the changes.

What to do next

Select Deploy > Deployment and click Deploy to deploy the policy to the assigned devices.