Carbon Black Cloud: Which version of SSL/TLS does the Sensor use? (Windows)
Carbon Black Cloud Console: All Versions
Carbon Black Cloud Sensor: All Versions
Microsoft Windows: All Supported Versions
Do the Carbon Black Cloud Sensor and Carbon Black Cloud Console use Secure Sockets Layer (SSL) 3.0, Transport Layer Security (TLS) 1.0, TLS 1.1, TLS 1.2, or TLS 1.3 to secure or encrypt communication?
On Windows, the Carbon Black Cloud Sensor makes use of schannel, and therefore uses the protocol configured in the Operating System (OS). As the Sensor communicates with the cloud, the Console negotiates the most secure connection possible given the available configurations on the endpoint and the backend.
TLS 1.0 and 1.1 are no longer supported by the backend since July 5th 2022 per this announcement.
Some older ciphers are still made available because of the wide range of systems customers utilize, some of which do not have the ability to use newer ciphers.
The backend will use the secure mutually agreed on cipher, so by keeping the environment up to date old ciphers can be avoided.
An AWS Application Load Balancer to serve the traffic. As such, the TLS protocols/ciphers available are limited to what AWS currently offers. The 2016-08 security policy can be referenced for the specific protocols/ciphers supported. The reasoning for using this policy is due to the wide array of requirements from the various versions of sensors and operating systems we support.