VMware Networking Community
vmmed1
Enthusiast
Enthusiast

Nessus Scanning of NSX Edge Appears to Trigger SSL Hanshake failures

Based on the timing of a Nessus scan of our edge - NSX logged thousands of ssl handshake failures in a couple of hours.

During that period ssl handshake failures for vServers setup to receive SSL traffic also generated ssl handshake failures

- not just on the IP's that are getting scanned at the moment but affecting other VIPs too.

-What steps could be taken to verify if the scans are causing SSL handshake errors.

-Would upgrading from 6.2.2 to 6.3.5 make the edge devices less vulnerable to being overwhelmed by scanning?

This particular edge received 20,000 SSL connections which resulted in 20,000 SSL handshake errors over two

hours. Some vServers received up to 64 connections in a second. What would by normal limits one should

be able to expect for an edge or a vServer?

Reply
0 Kudos
0 Replies