Cipher Suites configuration in BeyondTrust Appliance to get A+ rating

So – you like to get an A+ rating from SSLLABS? That’s the way you can configure BOMGAR. #

This are some good settings for «cipher suites» and their order in BOMGAR Remote Support and BOMGAR PAM /appliance SSL Tab. This settings work good with operating Systems Windows 7 or Server 2008 R2 and higher.

Allow only:
TLS v1.2 and
TLS v1.1

If you need still support for some older Vista Clients or Windows Server 2008 non R2, then you can allow TLS v1.0 additionaly, but ssllabs.com «Protocol Support» Rating will then be only at a 95% and not at the 100% level.

Allow only the following Ciphers and in this order under the bomgar yoursite/appliance settings.:

Cipher Suite			supports: Windows10	Windows8.1	Windows7	Vista
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256   TLS1.2   
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384   TLS1.2   
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 	  TLS1.0-1.2 	TLS1.0-1.2	TLS1.0-1.2	TLS1.0
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 	  TLS1.0-1.2
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   TLS1.2    	TLS1.2    	TLS1.2 
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384	  TLS1.2   
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256	  TLS1.2   
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384	  TLS1.2   
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	  TLS1.2	TLS1.1		TLS1.0   
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA	  TLS1.2	TLS1.1		TLS1.0   
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	  TLS1.2   
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384	  TLS1.2   
TLS_DH_RSA_WITH_AES_128_GCM_SHA256	  TLS1.2	TLS1.2 		TLS1.2 
TLS_DH_RSA_WITH_AES_256_GCM_SHA384	  TLS1.2	TLS1.2		TLS1.2 
TLS_DH_RSA_WITH_AES_128_CBC_SHA256    	  		TLS1.0-1.2	TLS1.0-1.2
TLS_DH_RSA_WITH_AES_256_CBC_SHA256     	  		TLS1.0-1.2	TLS1.0-1.2

To do the security test against your site please visit the following website: https://www.ssllabs.com/ssltest

Although i have thoroughly researched and tested the written with BOMGAR RS 17 and PAM 17 – MICRODYN DISCLAIMS ALL WARRANTIES!
Author: MICRODYN – R. Hahn / 17.2.2018

BOMGAR is a proprietary trademark of «BOMGAR Corporation».
Windows and Windows Vista are
registered trademarks of Microsoft Corporation.
SSLLABS QUALSYS is a proprietary trademark of «Qualsys, Inc.»

Powered by BetterDocs

Scroll to Top