-
- Novice
- Posts: 4
- Liked: never
- Joined: Sep 15, 2016 12:34 am
- Contact:
FLR's failing within Veeam when disabling TLS1.0
We have a requirement to disable SSLv3 and TLS1.0. Prior to moving to Veeam and with our previous backup software, this was not an issue leaving only TLS 1.1 and 1.2 enabled. It appears that when doing File Level Restores on the Veeam backup server (essentially all communication within Veeam), Veeam uses TLS1.0 for this process. Disabling TLS1.0 breaks the process. We reached out to support however they were not helpful and suggested we post in the forum. I don't see this a "feature request" but more of a vulnerability as anyone who goes through audits such as PCI-DSS and SSAE16 will know that SSLv3 and TLS1.0 need to be turned off. As this is within the Veeam application and nothing to do with VCenter/VMWare, any suggestions on how we can get this addressed with a patch/update? If the application is already supporting TLS1.0, not sure how complicated it is to update the communication to leverage TLS1.0 for FLR.
Please advise.
Please advise.
-
- Chief Product Officer
- Posts: 31814
- Liked: 7302 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
Re: FLR's failing within Veeam when disabling TLS1.0
Hi, I believe we have already switched to TLS everywhere in the product in 9.5, but I will double check for you on FLR. Just in case, what was the support case number for this?
-
- Novice
- Posts: 4
- Liked: never
- Joined: Sep 15, 2016 12:34 am
- Contact:
Re: FLR's failing within Veeam when disabling TLS1.0
Ticket #01902814
-
- Novice
- Posts: 4
- Liked: never
- Joined: Sep 15, 2016 12:34 am
- Contact:
Re: FLR's failing within Veeam when disabling TLS1.0
Any update and enforcing TLS1.1 or higher for FLR?
-
- VP, Product Management
- Posts: 27377
- Liked: 2800 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: FLR's failing within Veeam when disabling TLS1.0
Yes, this FR is logged and we are trying to squeeze it into our next major update.
-
- Novice
- Posts: 4
- Liked: never
- Joined: Sep 15, 2016 12:34 am
- Contact:
Re: FLR's failing within Veeam when disabling TLS1.0
Any idea when that will be? Will that be a hotfix or update 3?
-
- VP, Product Management
- Posts: 27377
- Liked: 2800 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: FLR's failing within Veeam when disabling TLS1.0
It will be either v9.5 or subsequent updates after the release.
-
- Novice
- Posts: 8
- Liked: never
- Joined: Apr 03, 2014 12:03 pm
- Contact:
Re: FLR's failing within Veeam when disabling TLS1.0
Seems it is still not working with v9.5, or have i missed anything?
-
- Chief Product Officer
- Posts: 31814
- Liked: 7302 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
Re: FLR's failing within Veeam when disabling TLS1.0
I believe there is a workaround with 9.5, and that is to install .NET Framework 4.6. This is something I have caught from one of the recent email threads between devs and support looking for a workaround, so support should be able to provide you more details. Thanks!
Who is online
Users browsing this forum: Bing [Bot], Google [Bot], Semrush [Bot] and 65 guests