DescriptionUpgrading from a pre-8 version to 8.x could break communication with agents running version 3.0 through 3.2. Hosts that have security disabled are not affected.
In newer agent versions 3.3 and greater, the communication protocol was changed from SSLv3 to TLS to address the POODLE vulnerability (CVE-2014-3566). As of 8.0.0, SSLv3 has been disabled completely.
Secure Agent Communication Compatibility Summary
NAC 7.x: Compatible with all 3.x agents
NAC 8.x: Compatible with 3.3.x (and above) agentsScopeVersion: 8.x and Agent 3.0, 3.1, and 3.2 (with security enabled)SolutionWorkaround: Re-enable SSLv3 until agents are upgraded.
1. Navigate to Settings > Persistent Agent > Transport Configuration
2. Under TLS Service Configuration panel, SSLv3 can be added in the TLS Protocols field.