TLS and the Cloud

Now Microsoft has decided to turn down support for TLS 1.0 for Office 365 and here’s the real news for CSPs.  Starting 1^st June, 2020 ( oh yes, less than a year left),  Office 365 is retiring TLS 1.0 and 1.1 (Better perform your TLS version check and get to know your office 365 TLS port today!). The much promised change is going to be implemented for sure this time and all you CSPs out there, it’s high time to upgrade many applications at your end in order to keep things going smooth.  Here’s a list of things that won’t be supported from now on, so, for better cloud security, you need to keep an eye if your organization is still using it:

• Firefox version 5.0 and earlier versions
• Android 4.3 and earlier versions
• Internet Explorer 10 on Windows Phone 8
• Safari 6.0.4/OS X10.8.4 and previous versions
• Internet Explorer 8-10 on Windows 7 and earlier versions

Additionally, Microsoft Teams Room app version 4.0.64.0 or later must be used for conferencing. For Skype for business Server, Skype for Business Server 2015 CU9 (released May 2019) and Skype for Business Server 2019 CU1 (released July 2019) should be deployed organization-wide.

Regarding Infrastructure changes, it is essential to use TLS 1.2 for all inbound and outbound connections in case of on-premises infrastructure for hybrid solutions or ADFS. There are many guides and a detailed whitepaper out there for a deep understanding on phasing out TLS 1.0 and TLS 1.1 from your organization.

MachPanel and Automation Module for Microsoft CSP

Whether you wish to manage lifecycle of your Direct and Indirect CSP Business or automate it successfully, MachPanel does it for you smoothly. The Automation module for Microsoft CSP is designed to make sure CSPs get all the assistance they need for a fully automated Cloud business. MachPanel also takes into account the Microsoft enhancements on weak protocols and the experts at MachSol are more than ready to guide you against attacks like POODLE and others like GOLDENDOODLE. With MachPanel, you can do much with less from a single user friendly interface like control the billing, showcase, bundle and sell your products, monitor business progress with a BI Dashboard and much more. The experts at MachPanel can also guide you through your office 365 TLS port checking and TLS version check.

Stick around for more updates and get your business equipped with MachPanel, for a safer and updated Cloud business.

Lets TalkRequest a Demo

The post Time to perform your TLS Version Check | Goodbye TLS1.0 and TLS 1.1 protocols appeared first on MachSol Blog.

Organizations like financial institutes mainly banks implement huge security mechanisms but at the same time they often request to disable weak protocols that can be used to exploit any vulnerability. Organizations also request to disable SSLv3 for safety of cloud. Not only ciphers or protocols, weak hashes like MD5 Hashes also need to be disabled for better security.

Using IIS crypto to disable SSLv3

In order to disable SSL 3, a serer administrator should best practices in order to ensure security. One of the best practices can be applied by IISCrypto tool from Nartac. This is done to perform the desired registry changes on a Windows Server. This makes the admins perform the necessary steps to disable SSL 3 on the server host.

Issues on previous builds

Previous MachPanel builds didn’t allow admins to disable SSLv3 directly since they stopped admins from gaining access via API. In that case, there was a error displayed, once the admin clicks on “Login to control panel” from WHMCS to login directly to MachPanel. The error and its details are:

Error: “Operation failed.Error in fetching tenant details from office 365.

Details: Error processing command: System.Management.Automation.RemoteException: Authentication Error: Unable to complete authentication request (potentially a proxy issue)

In such a case the error would only go away if you would SSL 3 back ON.

The Solution

In the modern builds of MachPanel, this feature to disable SSL 3 is fully supported. Now, you can disable weak protocols are hashes with all other MachPanel services running intact.

If SSL v3 is disabled, the following command needs to be run before Connect-MsolService command:

This fixes the previously occurring error message in the latest MachPanel build. More details on the solution can be found here.

With this solution, a good combination of efficiency and cloud security is achieved and the cloud systems can be protected from increasing vulnerabilities in the cyberspace.

MachPanel and Automation module for CSPs

CSPs opt for MachPanel because of its user-friendly approach and seamless services whether it is SharePoint migrations, Microsoft Dynamics operations, Microsoft Exchange Server migrations, Microsoft Skype for Business migrations and many other modern cloud services. It gives you the end-to-end lifecycle management of your cloud business which eventually scales your business in the right direction for future growth. The security feature is provided as a must for its customers and it is ensured for all systems. In addition to this, MachPanel provides robust Enterprise Turnkey Solutions which include Multi-Datacenter and Highly Available Exchange, Skype4B with Enterprise voice and Unified Messaging.  The whole process is seamlessly smooth from Planning to post-project support. The certified experts make it easier with quick turnaround time and easier and secure installation, up-gradations and migrations.

Get your hands on MachPanel for a worry-free experience and seamless business operations with excellent cloud security.

Lets TalkRequest a Demo

The post A guide to disable SSLv3 and other weak protocols for Cloud Security appeared first on MachSol Blog.