Symantec Access Management

Please let me ask you a question.

[Environment]
CA SSO r12.8SP5

[Question]
I am considering stopping the service as a mitigation measure for the Windows Internet Key Exchange (IKE) vulnerability.
If you stop the service, I would like to know the impact on the product currently in operation.

Service to stop: IKEEXT (display name is IKE and AuthIP IPsec Keying Modules)

Best regards,
Hirokazu.M,

The IKE and AuthIP IPsec Keying Modules Service is for VPN services and is not used by SiteMinder. There will be no impact to SiteMinder operations by stopping this service.

In addition to applying operating system patches, it's important to limit access to the SiteMinder server components by allowing only required service communications through firewalls.


Original Message:
Sent: Dec 06, 2022 01:51 AM
From: MARUBUN SUPPORT
Subject: About Windows Internet Key Exchange (IKE) vulnerability for SSO

Please let me ask you a question.

[Environment]
CA SSO r12.8SP5

[Question]
I am considering stopping the service as a mitigation measure for the Windows Internet Key Exchange (IKE) vulnerability.
If you stop the service, I would like to know the impact on the product currently in operation.

Service to stop: IKEEXT (display name is IKE and AuthIP IPsec Keying Modules)

Best regards,
Hirokazu.M,