With a lot of attention recently to the SSL protocol vulnerabilities browser vendors
increase security of their SSL implementation almost daily. One of the recommendations is to
use the most up to date SSL version available. Check Point for its SSL based VPNs (by the way
it is the same configuration for Endpoint clients) like SNX SSL and Mobile Access can support
SSL versions in the range SSLv3 up to TLS 1.2. So if your clients’ browsers support it you
can force the specific SSL version for their connections.
Warning: do NOT set minimal SSL version higher than TLS 1.0 because this would cause internal
communication of applications of the Check Point itself to fail.
You set the parameters here: SmartDashboard -> Global Properties -> SmartDashboard Customization-
> Configure -> Portal Properties-> snx_ssl_max_ver and snx_ssl_min_ver
As usual for changes to take effect - click on Ok, Save, Install Policy