Keep failing PCI audit because of sweet32 attack detacted
I have just installed two new TZ270 SonicWall firewalls at a customer site running the newest version of the 7.0 OS. Both offices have Internet access from the cable company. To connect the two offices together I have configured an IPSec SSL VPN. The VPN is configured with the encryption type AES-256 and authentication type SHA384.
For PCI compliance and independent audit company needs to run periodical scans against both firewalls. I keep failing the compliance scan due to the firewall being vulnerable to the sweet32 attack within ISAKMP. I have read a few SonicWall KBs but they all reference the 6.x OS which does not pertain to the TZ270.
Could someone please tell me what configuration I need to make within 7.0 to fix the sweet32 attack detection?
Thank you everyone for your help with this issue.