Salesforce

How to Mitigate SSL 3.0 Being Disabled

Subscribe
Don Ayres
Don Ayres Nov 10, 2014
Salesforce recently announced in Knowledge Article Number: 000206013 that it will be disabling SSL 3.0 connections to address the POODLE security vulnerability in the coming months. The change is not expected to impact browser-based users, but may impact Salesforce customers who are using certain versions of data integration products, such as IBM Cast Iron.
 
If your organization integrates Salesforce with Cast Iron, you should take the following steps to mitigate the effect of the POODLE exploit and ensure the safety of your data. Even though Cast Iron Live users should be unaffected by these changes, at the very least we recommend you verify the version of Cast Iron you're running to play it safe.

Cast Iron Live Customers

Appliance cannot be upgraded as it is handled by IBM Operations. Version can be verified by signing onto the WMC and clicking the Setup tab. Click the Support Information link and check the version. It should be 7.0.0.1_x or 6.3.0.2_x.

SSLCastIron1


Cast Iron Hypervisor Customers

Patches can be obtained from IBM and applied via the WMC. Information on the latest fix pack can be obtained here: http://www-01.ibm.com/support/docview.wss?uid=swg21631488

Log onto the WMC and navigate to System -> Upgrade. Check the version to see if you are affected. The version must be one of the following or higher:

6.1.0.12IF004
6.1.0.15IF001
6.3.0.1IF009.
6.4.0.1
7.x

SSLCastIron2

To apply the patch, click the Upgrade Operating System Link. This will launch a “Upgrade Operating System” dialog box.

SSLCastIron3

Click the Browse link and navigate to the location that the patch software was downloaded. Once found, click the Open button. Then click Upgrade to apply the software. The Cast Iron Hypervisor will reboot upon completion.

Once the system come back up, verify the new version of software.

SSLCastIron4

Feel free to leave a comment below if you have any questions about how the changes may affect your company's Salesforce and Cast Iron instances. You can also reach out our team at sales@summa-tech.com if you need help assessing and addressing security risks with your integration.

 
Don Ayres
ABOUT THE AUTHOR
Don Ayres, Summa

Technical Consultant

Related posts
Vic Novak Vic Novak

How the Salesforce ‘17 Summer Release Helps Tame Files

Read More
Alexandra Stehman Alexandra Stehman

Bolt Has Struck the Manufacturing Community

Everyone likes Salesforce Communities, but working with Lightning templates for Communities is another story.

Read More

611 William Penn Place
12th Floor
Pittsburgh, PA 15219

Phone: 412.258.3300
 |  
Follow Us
© 2010- Summa Technologies, Inc. All rights reserved.