Securing the SnapCenter web server by disabling SSL 3.0

For security purposes, you should disable Secure Socket Layer (SSL) 3.0 protocol in Microsoft IIS if it is enabled on your SnapCenter web server.

About this task

There are flaws in the SSL 3.0 protocol that an attacker can use to cause connection failures, or to perform man-in-the-middle attacks and observe the encryption traffic between your website and its visitors.

Steps

  1. To launch Registry Editor on the SnapCenter web server host, click Start > Run, and then enter regedit.
  2. In Registry Editor, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\.
    • If the Server key already exists:
      1. Select the Enabled DWORD, and then click Edit > Modify.
      2. Change the value to 0, and then click OK.
    • If the Server key does not exist:
      1. Click Edit > New > Key, and then name the key Server.
      2. With the new Server key selected, click Edit > New > DWORD.
      3. Name the new DWORD Enabled, and then enter 0 as the value.
  3. Close Registry Editor.
Parent topic: Installing the SnapCenter Server
Previous topic: Adding storage systems
Copyright © 1994-2019, NetApp, Inc. All rights reserved.
Part number: 215-14397_2019-10_en-us
October 2019
Updated for 4.2.1