The Redstor platform uses secure ciphers for TLS communications for data protection and management, and also for management purposes to ensure that customer data security is maintained.
The exact details of currently supported ciphers can be found here. The ciphers are selected based on current security standards, and are periodically updated.
The cipher support for the agents is built into the agent software, so is independent of direct communications built into the operating system. Even if the operating system does not support the ciphers directly, the agent will be be able to function (backup and restore).
The ciphers listed are supported on the current Redstor ESE, SE and Cloud agents.
It is important to note that not all operating systems currently supported by the manufacturer are able to support these ciphers to their full extent.
Windows 2012 R2 and earlier, and also Windows 8.1 and earlier, whilst still supported by Microsoft under Extended Support at the time of writing, do not support the full range of secure ciphers in their .Net implementations, which are built into the operating system.
The ciphers TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 are considered secure where they use a sufficient number of bits, but weak where they do not.
The implementation in Windows 2016 and higher for these ciphers uses sufficient bits for the connection to be secure, whilst 2012 r2 does not.
Although Redstor's testing ahead of the cipher policy change showed that it was possible for Windows 2012 r2 and Windows 8.1 to successfully connect to the Redstor Platform, there is no guarantee that they will be able to do so under all circumstances (eg not able to use sufficient bits to establish a secure connection).
As .Net is used by web browsers, PowerShell, Instant Data and the Storage Platform Console, these tools would be affected.
As a consequence, if you are using Windows 2012 r2 or Windows 8.1 or earlier to connect to the Redstor Platform with these for management or automation purposes, it is possible that you may not be able to communicate with the Redstor Platform.
Whilst tools such as Python, Java, cURL and other third party tools can be updated, applying Windows and .Net updates do not resolve the issue on older versions of Windows. Microsoft have not implemented the more recent secure ciphers for these operating systems, even though they are still within Extended Support.
This is beyond Redstor's control - your recommended course of action is to upgrade the operating system to Windows 2016 or later.
Windows product lifecycle and support details can be found here: https://docs.microsoft.com/en-us/lifecycle/
If you are unsure if you are experiencing connectivity issues related to ciphers, please contact Redstor Support using firstname.lastname@example.org.