AP5610 SSL configuration.

BillP · ‎2021-06-27

Hi,

I have several AP5610 KVM's running 01.03.30.00 firmware. I need to disable SSLv2 in addition to disabling weak cipher suites. Is there a way to do this on this model through a firmware update or configuration change?

Thanks,

- Ian

BillP · ‎2021-06-27

Hi Ian,

Yes, look at KVM2116P as the closest replacement. Our latest firmware brought TLS 1.2 and because it is our current model, we will be continuing to make enhancements. I think our next release will remove RC4 ciphers (I can't recall if it was done in the TLS 1.2 release but I don't think so) and also make the default SSL cert SHA-2 (but you can use OpenSSL with these to make whatever type of cert you want anyway) and we will continue to make any other security updates on this model as needed.

The only problem is that the KVM2116P does not support the server modules/dongles or cascaded analog KVMs that AP5610 does. They are a completely different family and unfortunately there is no backwards/forwards compatibility with one minor exception of the Rack PDU cables - AP5641. That is a shared cable between the two. If you upgrade the KVM, then you'd need to upgrade any of the server modules/dongles unfortunately.

Let me know if you have any other questions.

See Answer In Context

BillP · ‎2021-06-27

Hi Angela,

I was able to console into the KVM, but I did not see any relevant settings. I checked under Network and Security Configuration.

If we need to replace this model, do you know what new models would support these settings and ideally TLS v1.2?