Security

Disable SSL2, SSL3 and TLS1.0 globally

stevehut
New Member

Hi

We have a clustered index setup (two indexers) on 7.1.1 and 3 search heads (unclustered). What is the recommended method to disable SSL and TLS1.0 globally on all forwarders, indexers and search heads with this setup ?

Thanks

Tags (2)
0 Karma

gfreitas
Builder

The easiest way to do so is to have a deployment server. Depending on the amount of UFs you have on your environment you could use the Cluster Master as Deployment Server and use it to deploy the config to everyone.
Please make remember changes to the two clustered indexers must only be created via the cluster master.
More info here about the deployment server: https://docs.splunk.com/Documentation/Splunk/7.3.1/Updating/Aboutdeploymentserver
(note the bottom part about the indexer cluster)

Hope this helps clarify the idea for you

0 Karma
Get Updates on the Splunk Community!

Platform Newsletter Highlights | March 2023

 March 2023 | Check out the latest and greatestIntroducing Splunk Edge Processor, simplified data ...

Enterprise Security Content Updates (ESCU) - New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 3 releases of new content via the Enterprise ...

Thought Leaders are Validating Your Hard Work and Training Rigor

As a Splunk enthusiast and member of the Splunk Community, you are one of thousands who recognize the value of ...