An official website of the United States government
Here's how you know
A .gov website belongs to an official government organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

News | Jan. 5, 2021

NSA releases “Eliminating Obsolete Transport Layer Security (TLS) Protocol Configurations” Cybersecurity Information

The National Security Agency released a cybersecurity product Tuesday detailing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.

Eliminating Obsolete TLS Infographic
Eliminating Obsolete TLS Infographic
Eliminating Obsolete TLS Infographic
Eliminating Obsolete TLS Infographic
Eliminating Obsolete TLS Infographic
Photo By: NSA Cybersecurity
VIRIN: 210105-D-IM742-1002

The Cybersecurity Information Sheet, “Eliminating Obsolete Transport Layer Security (TLS) Protocol Configurations” instructs National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) system administrators on how to detect, prioritize, and replace unauthorized or deprecated TLS protocols with ones that meet current standards. Committee on National Security Systems (CNSS) Policy 15 requires that TLS protocols used by National Security Systems meet specified algorithm standards. Remediation is crucial to decreasing computer system and network attack surfaces and preventing unauthorized access to private data.

To help system administrators fix their network components, NSA developed several server configurations and network signatures to accompany the report that are available on the NSA Cybersecurity Github. While this information is provided to assist NSA's mission customers, any network administrator interested in finding and fixing their network components to allow only authorized and strong encryption protocol configurations may find it useful.

NSA seeks to regularly release unique, actionable, and timely cybersecurity guidance to secure the Department of Defense, National Security Systems, and the Defense Industrial Base. For more information or other cybersecurity products, visit NSA.gov/cybersecurity-guidance.

For a quick view on obsolete TLS, review our infographic.