I suggest you ...

Allow SCOM to use TLS1.2

This request is to update SCOM to be able to use TLS1.2 as a secure channel method. Currently SCOM 2012R2 and SCOM 2016 do not support TLS1.1, nor 1.2.

160 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    K JustinK Justin shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    20 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Patrick GoodwinPatrick Goodwin commented  ·   ·  Flag as inappropriate

        TLS 1.1 and 1.2 support for the SCOM Management Console, Server, Agents, and Gateway boxes would be great to have right about now. Like the others that have posted on this idea, I have been working on efforts to get things off the SSL/TLS 1.0 protocols. Granted SCOM doesn't have PCI data on it, but it would be monitoring PCI systems and have interaction with the systems its running on because of the scripting/actions derived from the management packs that are applicable to the system. If you think about it, all it takes is a PCI auditor to interpret this differently. Perhaps maybe they thinks this anyways.

      • Nick CNick C commented  ·   ·  Flag as inappropriate

        Our company requires TLS 1.2 to meet PCI standards. Please implement TLS 1.2 for SCOM 2012 for use with the less vulnerable protocol and strong ciphers. Currently TLS 1.2 breaks management server and gateway communication. Also, web application monitoring is not fully functional for sites that need to use TLS 1.2 only.

      • Olga CarbajalOlga Carbajal commented  ·   ·  Flag as inappropriate

        Support for TLS 1.2 is required for SCOM. I don't understand how Microsoft is advancing to more secure configurations for some of their apps (i.e. Skype) but not across all platforms.

      • Kevin HudnutKevin Hudnut commented  ·   ·  Flag as inappropriate

        Why does Microsoft that is in widespread use that doesn't have TLS 1.2 support when it is Microsoft's recommendation that TLS 1.0 and TLS 1.1 be disabled due to security risks?

        Come on man, be consistent with your products, and match the security levels between OS and other tools. To keep using SCOM, it is a must to have TLS 1.2 available.

      • Guy MicGuy Mic commented  ·   ·  Flag as inappropriate

        WT_! Doesn't support version 1.1 even??!! That came out in like 2006 due to issues with 1.0. How does Microsoft developers start with outdated and vulnerable components. That is an OWASP top 10...DON'T USE VULNERABLE COMPONENTS!

      • Sara DePoySara DePoy commented  ·   ·  Flag as inappropriate

        Our company has identified TLS 1.0 as a security risk and has it disabled by policy. This prevents SCOM installation and causes communication problems on SCOM instances that are already installed. SCOM should be updated to support the newer TLS standards.

      • Sara DePoySara DePoy commented  ·   ·  Flag as inappropriate

        Due to security risk for our company - Requesting SCOM to be updated to use TLS1.1 and TLS1.2

      • Sara DePoySara DePoy commented  ·   ·  Flag as inappropriate

        Requesting SCOM to be updated to use TLS1.1 and TLS1.2 - why wouldn't you update the application??

      • Brandon SeidelBrandon Seidel commented  ·   ·  Flag as inappropriate

        You have to be kidding me! SCOM does not already support this? Come on guys, this is really a black eye for SCOM.

      • Mary BurkeMary Burke commented  ·   ·  Flag as inappropriate

        SCOM 2012R2 and SCOM 2016 do not support TLS1.1, nor 1.2. Request to update SCOM to use TLS1.2

      • Mary BurkeMary Burke commented  ·   ·  Flag as inappropriate

        Our company has identified TLS 1.0 as a security risk and has it disabled by policy. This prevents SCOM installation and causes communication problems on SCOM instances that are already installed. SCOM should be updated to support the newer TLS standards.

      • Susan MichalikSusan Michalik commented  ·   ·  Flag as inappropriate

        Our company has identified TLS 1.0 as a security risk and has it disabled by policy. This prevents SCOM installation and causes communication problems on SCOM instances that are already installed. SCOM should be updated to support the newer TLS standards and provide us an option or ability to choose which TLS to use

      • Orlando ChapaOrlando Chapa commented  ·   ·  Flag as inappropriate

        Our company has identified TLS 1.0 as a security risk and has it disabled by policy. This prevents SCOM installation and causes communication problems on SCOM instances that are already installed. SCOM should be updated to support the newer TLS standards and provide us an option or ability to choose which TLS to use.

      • Paul BrzezinskiPaul Brzezinski commented  ·   ·  Flag as inappropriate

        How is it that SCOM doesn't support TLS v1.1, let alone v1.2? Hasn't TLS v1.1 been around for more than a decade? Does MS not scan their products with security scanning tools like Qualys? Using Google or Bing, search for the words: POODLE BEAST.

      • David BrownDavid Brown commented  ·   ·  Flag as inappropriate

        This will quickly become a huge security risk in our company and has potential to push this product out of our organization. If it doesn't meet the security standards, we will be forced to address in other ways that meet the standard. We need TLS1.2 to be a supported protocol.

      • John AustinJohn Austin commented  ·   ·  Flag as inappropriate

        Our company has identified TLS 1.0 as a security risk and has it disabled by policy. This prevents SCOM installation and causes communication problems on SCOM instances that are already installed. SCOM should be updated to support the newer TLS standards.

      Feedback and Knowledge Base