Our security scans are reporting the a service on our SEPM server is using weak cipher suites. We've already disabled any weak ciphers and protocols from the Windows registry but it appears that these alerts are coming from the Apache/Tomcat install that comes with SEPM. I know very little about Apache/Tomcat but was able to locate the configuration files. I believe these files contain connection information that is using weak protocols/cipher suites.
Anyone had to fix these before?
Correct, I meant to say SEPM.
You need to get to 12.1.6.1a, see the report here:
New fixes in Symantec Endpoint Protection 12.1.6 MP1a and 12.1.6 MP1
Thanks. Is there some specific information regarding the change to protocols and cipher suites, the link you provided just listed some fixes in the MP1 and MP1a for 12.1.6.
The below article talks about restricting what protocols are allowed if that helps:
http://www.symantec.com/docs/TECH225689
Does your scan actually say which suites it considers weak?