Results 1 to 5 of 5
  1. #1
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,049

    Default The Sorry State of TLS Security in Enterprise Interception Appliances Report

    If you have time pls read the hole report here:
    https://arxiv.org/pdf/1809.08729.pdf

    I hope that Untangle staff already has seen this report and that we can push the SSL/TLS parts of Untangle to an even better solution.

    It will take time and $ but it will be worth it if we can beat cisco and i think it is in reach!

    But still Amazing that Untangle is on the list!

  2. #2
    Master Untangler
    Join Date
    Mar 2017
    Posts
    189

    Default

    From a very fast glimpse at the article (less than 5 minutes ), most of the important issues could be corrected very easily and fast, e.g. the RSA-512 root agency issue. As it goes everywhere, code/library/resource reuse often lead to these scenarios.
    Happily untangling the average household: 20-25 active devices, 13 racks, each with 3 - 8 apps, OpenVPN 1 in, TunnelVPN 3 out, IPS on. Spice it up with VLANs and mix with tons of rules.

  3. #3
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,049

    Default

    Making it so the End user during setup or after can modify the Root CA and Chiphers etc Untangle could win the Market.

    But the hard part will be support and havinge a legacy support.
    In my case we only have "modern" OS:es so we want to up the defaults to better/securer but if you have XP/NT or even older systems then you migh have all types of issues with RSA-512 etc.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,497

    Default

    If you're still allowing XP to get to the internet, security is obviously not on your list of priorities anyway...
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Master Untangler
    Join Date
    Mar 2017
    Posts
    189

    Default

    Quote Originally Posted by sky-knight View Post
    If you're still allowing XP to get to the internet, security is obviously not on your list of priorities anyway...
    You'd be surprised to see how many XP SCADA systems out there are calling home to their vendors for remote maintenance and - uh uh - updates
    Happily untangling the average household: 20-25 active devices, 13 racks, each with 3 - 8 apps, OpenVPN 1 in, TunnelVPN 3 out, IPS on. Spice it up with VLANs and mix with tons of rules.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2