Add auditing for SSL/TLS version used by client

Idea created by anand.rudran on Jun 9, 2016

    Hi,

    I was looking for details on a method to find out which client is using which version of TLS for the handshake and could not find any. A case was opened with CA for the same, and support confirmed that there are no logging methods to find this information.

    I think it will be useful to add an additional logging feature for this information (maybe supported ciphers also) along with the client IP, which is already in place. This will help users analyse the impact of changing SSL/TLS settings on the gateway. Collecting a tcpdump on the gateway is an option, but that will not give the policies being accessed, and the dump file can be huge.

    Thanks,

    Anand