Product News & Announcements
All the latest news and announcements about Splunk products. Subscribe and never miss an update!

Cloud Platform | Discontinuing support for TLS version 1.0 and 1.1

Vineetv_Splunk
Splunk Employee
Splunk Employee

Overview

Transport Layer Security (TLS) is a security communications protocol that lets two computers, applications, or computing processes communicate securely and privately over a network. It provides confidentiality, authentication, and data integrity protections for that communication.

Splunk uses TLS to help ensure that communications between Splunk Cloud Platform instances, including Splunk Web, are protected from potential malicious actors. Splunk uses TLS extensively with every Splunk Cloud Platform instance. TLS is also an important part of the Splunk Enterprise deployments that customers manage.

To conform to industry standards, Splunk Cloud Platform will begin disabling the use of older versions of TLS, specifically TLS v1.0 and TLS v1.1, for public-facing services starting June 5th, 2023. If you use clients configured to use deprecated TLS protocols  to connect to Splunk Cloud Platform, you will receive connection error messages and may experience data-loss while sending data to Splunk Cloud Platform in certain cases.

Reason for the change

Pursuant to the PCI Security Standards Council (PCI SSC) and the White House Executive Order 14028 to transition away from weaker cipher protocols, Splunk Cloud Platform has already removed support for older TLS versions in all regulated compliance environments (PCI / HIPAA / GovCloud regions).

Customers in non-regulated environments had been allowed to use the older TLS versions, however, starting June 5th, 2023, Splunk will begin to remove support for older TLS versions in all environments across the Splunk Cloud Platform service.

Will this change affect you? 

If you are already using TLS 1.2 or later, you will not be impacted by this change. It is important to note that the Splunk Cloud Platform TLS negotiation process selects the highest version available to both the server and the client. TLS1.2 has been available since 2008. In rare cases, some customers may have legacy hardware or appliances operating with pre-2008 versions of openSSL libraries still supporting these older TLS versions. If you are still using TLS 1.0 or 1.1, then you must update your client software to use TLS 1.2 or later to maintain your ability to connect. 

Services/ Endpoints will be affected

Splunk Cloud Platform is taking the following actions to help ensure our entire product stack is more secure. We will update this article, without notice, as new deprecations or changes are announced.

  • Admin Config Service (ACS) - Splunk will disable TLS 1.0/1.1 versions for the ACS endpoint on June 5th, 2023.

  • HTTP Event Collector (HEC) – This also includes the HEC with ACK endpoint used for Kinesis Firehose. We will initiate a phased rollout out for disabling TLS 1.0/1.1 starting July 2023. We will be updating this post with concrete implementation timelines, be on the look out.

 

 

 

Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Splunk is officially part of Cisco

Revolutionizing how our customers build resilience across their entire digital footprint.   Splunk ...

Splunk APM & RUM | Planned Maintenance March 26 - March 28, 2024

There will be planned maintenance for Splunk APM and RUM between March 26, 2024 and March 28, 2024 as ...