Worked with CA Support last week on Friday. The solution was to make changes to java.security file.
-----------
In IntrosocpeEnterpriseManager.properties file it mentions the following:'
# Set the enabled cipher suites.
# A comma-separated list of cipher suites.
# If not specified, use the default enabled cipher suites.
#introscope.enterprisemanager.ciphersuites.channel2=
Since the above property is commented out, it means that EM (in this case the MoM) is using the default java security policy located under <EM_Home>/jre/lib/security/java.security. This is the current property:
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
Comment out the above property, copy the above property and change it to (ensure you backup the file before making any changes to it):
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, MD5, DSA, DESede, DES, RSA keySize < 2048
Save the the file, and then restart the EM.
This should take care of the SSLv3 as well as medium to weak cipher suite issue on your Nessus security scans.
Thanks Hallett_German and Yanna for all your help.
Manish