This week, we’re going for the gold medal, that sweet sweet A+ grade on Qualys SSL Labs. And to achieve this lofty goal of ours, we’ll need to enable one thing, HSTS. This is no small task, and for the… Read More ›
Networks
Fixing SSL Labs Grade on F5 Big-IP – Custom Cipher Groups
As promised in my last post on F5 load-balancers, this weeks issue of the never-ending guide on how to keep your F5 Big-IPs in the good graces of Qualys SSL Labs will deal with TLSv1.3 demanding that we use cipher… Read More ›
Fixing SSL Labs Grade on F5 Big-IP – Enabling TLSv1.3
In my last post on F5 load-balancers, we disabled TLS v1 and v1.1 as a preemptive measure as SSL Labs is going to start capping your grade to B if you’re caught supporting these protocols after January 2020. In this… Read More ›
Fixing SSL Labs Grade on F5 Big-IP – Disabling TLSv1 and TLSv1.1
So, it’s again time to start worrying about your SSL Labs grade. Coming January 2020, any site still supporting TLSv1 and TLSv1.1 will have their grade capped to B. As we all know, this is unacceptable, so we’ll once again… Read More ›
How to Configure SNMPv3 on Cisco iOS Switches – Cisco Networking Series Part 2
Configuring SNMPv3 can be a daunting task compared to earlier questions, just from the copious amount of authentication parameters compared to earlier SNMP versions. In this short primer I’ll walk you through the steps necessary to set it up to… Read More ›
How to Really Set Up NTP on HP ProCurve / Aruba Switches – HP Networking Series Part 7
This is a short guide on how to set up NTP time synchronisation properly on HP ProCurve / Aruba network devices. Astute readers of this blog might remember that I covered this topic back in 2015, and you’d be right,… Read More ›
Fixing SSL Labs Grade on F5 Big-IP – ECDH public server param reuse
As you might have noticed from the title, this is a bit of a weird one. In our last installment we managed to get our grade up to A from B finally, and while we’re not mounting our final assault… Read More ›
Fixing SSL Labs Grade on F5 Big-IP – Weak Cipher Suites
Today we’ll take a look at fixing the error that kept us from getting a grade better than B last time. Last time we were left with this test result: “This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade… Read More ›
How to Configure SNMPv3 on HP/Aruba Switches – HP Networking Series Part 6
Configuring SNMPv3 can be a daunting task compared to earlier questions, just from the copious amount of authentication parameters compared to earlier SNMP versions. In this short primer I’ll walk you through the steps necessary to set it up to… Read More ›
Fixing SSL Labs Grade on F5 Big-IP – Certificate Chains
Today I’m starting a new series, which has the working title of “Fixing SSL Labs Grade on F5 Big-IP Load Balancers” which is a series on fixing the most common SSLLabs.com grade issues (We all want that A+, am I right?) when… Read More ›
Grumpy Techie 