Action Required: Incapsula Updates on TLS
Scheduled Maintenance
Report for Imperva
Completed
TLS 1.2 enforcement has been completed.
In progress
As of today may 27th, 2018, Incapsula will set TLS 1.2 as the minimum supported version, by default, for connectivity between clients (visitors) and the Incapsula service. Enforcement will be gradually rolled out to customers during the week.
PCI-DSS compliance requires disabling the use of TLS 1.0 as of July 1, 2018. To comply with this requirement, and due to the known vulnerabilities in TLS 1.1, Incapsula has defined TLS 1.2 as the default minimum supported version. This also applies to the Incapsula Management Console and the Incapsula API.
For our Enterprise and Business plan customers who require the continued support of TLS 1.0 or TLS 1.1 while they prepare their customers, applications, or tools to support TLS 1.2 only, an option to maintain current functionality has been added to the UI and API.
For more information, see:
Incapsula documentation & Incapsula blog.
PCI-DSS compliance requires disabling the use of TLS 1.0 as of July 1, 2018. To comply with this requirement, and due to the known vulnerabilities in TLS 1.1, Incapsula has defined TLS 1.2 as the default minimum supported version. This also applies to the Incapsula Management Console and the Incapsula API.
For our Enterprise and Business plan customers who require the continued support of TLS 1.0 or TLS 1.1 while they prepare their customers, applications, or tools to support TLS 1.2 only, an option to maintain current functionality has been added to the UI and API.
For more information, see:
Incapsula documentation & Incapsula blog.
Update
The date of setting TLS 1.2 as the default minimum TLS version for the connectivity between the client side and Incapsula is postponed to May 27th, 2018.
This extension allows us to address as many customer use cases as possible in a safe and monitored way, while still providing a 30-day buffer in advance of the PCI deadline to address any unique requests.
For more information:
Blog: https://www.incapsula.com/blog/how-tls-1-2-improves-your-website-security.html
Help: https://docs.incapsula.com/Content/read-more/ssl-certificate.htm#TLS
This extension allows us to address as many customer use cases as possible in a safe and monitored way, while still providing a 30-day buffer in advance of the PCI deadline to address any unique requests.
For more information:
Blog: https://www.incapsula.com/blog/how-tls-1-2-improves-your-website-security.html
Help: https://docs.incapsula.com/Content/read-more/ssl-certificate.htm#TLS
Scheduled
On April 29, 2018, Incapsula will set TLS 1.2 as the default minimum TLS version for the connectivity between the client side and Incapsula.
For more information:
Link to blog - https://www.incapsula.com/blog/how-tls-1-2-improves-your-website-security.html
Link to help doc - https://docs.incapsula.com/Content/read-more/ssl-certificate.htm#TLS
For more information:
Link to blog - https://www.incapsula.com/blog/how-tls-1-2-improves-your-website-security.html
Link to help doc - https://docs.incapsula.com/Content/read-more/ssl-certificate.htm#TLS
This scheduled maintenance affected: Services (Imperva Management Portal API, Imperva Support - Ticketing and Phone Systems).