Insecure SSL and TLS versions should be disabled in the browser as all supported Prognosis versions should function normally in compliance with PCI-DSS 3.2.
Version 11.0 and later only requires TLS 1.2 support on the OS.
IR Support can provide an MS Windows PowerShell script that can be run by Server Administrators to disable insecure protocols on the MS Windows platform as described on the Microsoft TechNet page, if requested.
In all environments, the following approach is recommended:
Disable all SSL protocols.
In high-security environments, the following approach is recommended:
Disable all protocols, except TLS 1.2.