Meraki Community

rhamersley

Meraki security appliance does not have an “SSL Decryption” setting in the dashboard. How can you enforce higher security standards to block older TLS versions. Ideally we would like to block all outdated TLS versions. I do believe Meraki does not provide a direct way to specify TLS versions in Layer 7 rules. Would like to get insight to see how this is possible.

Thank you!!

alemabrahao

With MX I believe you won't be able to do anything, you will probably need another solution or even another firewall.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

PhilipDAth

To add to @alemabrahao answer (which is correct), Cisco would recommend the use of Cisco Umbrella - which only supports TLSv1.2 clients.

Both Meraki MX and MR devices have native Umbrella integration options.

https://documentation.meraki.com/MX/Meraki_Umbrella_SDWAN_Connector/Deployment_Guide

jfigueroa

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/FAQ%3A_Meraki_Authent...

alemabrahao

This is talking about 802.1x specifically.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Meraki Community

How to disable older TLS versions in the Meraki MX security appliances?

How to disable older TLS versions in the Meraki MX security appliances?