EDGE-00-000046 - Edge must be configured to allow only TLS.

Information

Sets the minimum supported version of SSL. If this policy is not configured, Microsoft Edge uses a default minimum version, TLS 1.0.

If this policy is enabled, the minimum version can be set to one of the following values: 'TLSv1', 'TLSv1.1' or 'TLSv1.2'. When set, Microsoft Edge will not use any version of SSL/TLS lower than the specified version. Any unrecognized value is ignored.

Policy options mapping:
- TLSv1 (tls1) = TLS 1.0
- TLSv1.1 (tls1.1) = TLS 1.1
- TLSv1.2 (tls1.2) = TLS 1.2

NIST SP 800-52 specifies the preferred configurations for government systems.

Solution

Set the policy value for 'Computer Configuration/Administrative Templates/Microsoft Edge/Minimum TLS version enabled' to 'TLS 1.2'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Edge_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-17(2), CAT|I, CCI|CCI-001453, Rule-ID|SV-235759r961869_rule, STIG-ID|EDGE-00-000046, Vuln-ID|V-235759

Plugin: Windows

Control ID: 4037062c248d98a6685c0e172e8fd62b683b2b00eb9cbb5cf727a97fb309719f