Ensure that all your Microsoft Azure Redis Cache servers are using the latest available version of TLS encryption protocol in order to enhance the security of the SSL/TLS connection between the cache servers and their web applications, and comply with the industry standards.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
The Transport Layer Security (TLS) protocol is designed to facilitate privacy and data security for communications over different types of networks, including the Internet. TLS versions 1.0 and 1.1 are known to be susceptible to certain Common Vulnerabilities and Exposures (CVE) weaknesses and attacks such as POODLE and BEAST. These two TLS protocol versions do not support the modern encryption methods and cipher suites recommended by the Payment Card Industry (PCI) compliance standards. To follow cloud security best practices and PCI security compliance standards, Cloud Conformity strongly recommends enabling the latest version of the TLS protocol (i.e. TLS version 1.2) for all Microsoft Azure Redis Cache servers that are using in-transit encryption.
To determine if your Azure Redis Cache servers are configured to use the latest version of the TLS protocol, perform the following operations:
Remediation / Resolution
To update the SSL/TLS configuration settings for your Microsoft Azure Redis Cache servers in order to enable the latest version of the TLS protocol (i.e. TLS 1.2), perform the following operations:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Check for TLS Protocol Latest Version
Risk level: Medium