HI @Lawrie,

Are you seeing any errors? can you please provide a bit more on what you are attempting to do?

I believe this is all controlled by the OS, but I may be leading you down the wrong path without more info.

https://www.veeam.com/kb2853

Hi @AndreAtkinson 

Thanks for the reply. I have not tried to use TLS 1.2 yet. So cannot post errors. If there is some sort of documentation or link that can show me how this done; to get Veeam to use TLS 1.2. My vulnerability scanners say ports 33034 and 9419 are using SSL. Both ports are from Veeam services. See below information from scanner 172.21.50.16 (tcp/33034/www) and 172.21.50.16 (tcp/9419/www)

I will look through the link you provided.

Does the scan tell you what process is using the ports?

See below processes and ports

  VeeamDeploymentSvc.exe]
  TCP     ::]:33034             ::]:0                 LISTENING       4

VeeamFilesysVssSvc.exe]
  TCP    c::]:9419               ::]:0                 LISTENING      4

 

We have disabled SSL2.0, SSl3.0, TLS1.0 and TLS1.1 on our backup servers. Everything is working fine.

Please be aware that we have VBR Server and the database on one system, I cannot say anything about the connections between VBR and the database.

HI @JMeixner 

Are you able to tell me how you disabled SSL and TLS 1.0 and TLS1.2.? Maybe there is a link you can show me?

Hi @Lawrie,
these protocols have to be disabled in Windows.

Our Windows admins had a tool for this - I will send a DM to you.
With this you can disable protocols, cipher suites, hashes and key exchanges.

Hey
You can use IISCrypto tool, it’s really easy to use https://www.nartac.com/Products/IISCrypto/

You can also disable old protocols by GPO.

Thank you All. I will use the IISCrypto tool and let you know how i go.

I will post back later.