At CyberLock, we are always working to keep CyberAudit-Web servers on top of the latest security requirements. Here are some things you might like to know about current CyberAudit-Web servers and components.
CyberAudit-Web servers support both Transport Layer Security (TLS) versions 1.2 and 1.3. TLS 1.3 is the newest and most secure version of the TLS protocol. It provides faster TLS handshakes and more secure communication between the CAW server and connections with browsers and CyberLock communicators. And with CyberAudit-Web version 9.5, the Gen2 communicators Web Authorizer II, ValidiKey, and Flex II can negotiate TLS v1.3. It is also supported in both Chrome (starting with release 66) and Firefox (starting with release 60) and in development for Safari and Edge browsers.
Occasionally, CentOS will post a security update to the kernel package. The kernel is the core component of a Linux operating system. Unlike other RPMs, an update to the kernel requires rebooting the server to load the new kernel.
When running Videx-yum-update, watch for a line like this that shows 'Installing':
Installing : kernel-3.10.0-1160.62.1.e17.x86_64
Other packages will show 'Updating':
Updating : 2:microcode_ctl-2.1-73.13.e17_9.x86_64
If a new kernel is installed, follow the sudo Videx-yum-update command with sudo shutdown -r to reboot your server.
Updated SSH key exchange, MACs, and encryption - An update to the CAW core configuration rpm updates the SSH connection requirements to meet recommended levels.
SSL Labs - SSL Labs offers an online SSL server test that can produce a report of your online CyberAudit-Web server. Browse to ssllabs.com/ssltest/ and enter your server URL. It will run through a number of security protocol tests on your server and return a report to you. If your server is up-to-date, you should get an A. If not, contact us for advice on how to get to that level. We can help you get an A+!
|