App Control: Requirements for Disabling TLS 1.0/1.1 and Enable TLS 1.2 on the App Control Server and Agents
App Control Agent: All Supported Versions
App Control Server: All Supported Versions
Microsoft Windows: All Supported Versions
Requirements for modifying Protocols or Cipher Suites (such as TLS 1.0, RC4 Cipher Suites, etc) on the App Control Server and Agents.
There are no settings for TLS/Cipher Suites available in App Control, and all configuration must be done at the Operating System layer. Additionally, no changes are made to the Protocols or Cipher Suites of the Operating System during installation of the Server or Agent applications.
Typically these modifications must be done via the Registry or GPO, but a tool (such as IIS Crypto) may make it easier for single machines or to verify the current settings. Assistance in editing the TLS & Cipher Suites in the Operating System may require support from Microsoft.
Improper modification of TLS/SSL protocols could cause connectivity issues between the App Control Agent, App Control Server, SQL Server or other dependencies.
It is critical the Operating System is compatible with the TLS protocol that is being changed. For example, Windows XP and Windows Server 2003 do not support TLS 1.1 or TLS 1.2 and will require TLS 1.0 support.
Forcing a specific version of TLS be used by the Agent/Server will require the changes be made to the Operating System on both the application server and the endpoints.
Assistance in editing the TLS & Cipher Suites in the Operating System may require support from Microsoft.
The Carbon Black File Reputation (CDC) requires a TLS 1.2 connection from the application server hosting the App Control Server.