pasUNITY Browser Support - Update 2018-01

Written By Gary Fletcher

Blogs pasUNITY Hosting

pasUNITY has always strived to provide the most secure experience for the widest range of customers. 

We recently announced our plans to discontinue support for web browsers that did not support HTML5 and operating systems that did not implement modern secure transport mechanisms.  Since that time, our customers and partners have done a fantastic job of putting in place policies and procedures for a safer workplace and getting client workstations updated.

What browsers are supported with pasPortal?

While any modern HTML5 capable browser should work our official policy is that we support the latest versions of Internet ExplorerEdge, and Chrome

The following compatibility matrix shows which versions of the Internet Explorer and Edge browsers are supported on various versions of Windows.  Browser permutations supported by pasPortal are indicated in GREEN while those that are no longer supported are indicated in RED.  The compatibility matrix does not show non-Windows operating systems but the latest versions of common devices such as Android phones, iPhones, iPads, and MacOS do have HTML5 capable browsers that should work without any issues.

If you are using one of the unsupported browsers and the chart shows that another browser is available for your operating system we recommend that you upgrade to that browser.  If no alternative version of either Internet Explorer or Edge is available, we recommend that you upgrade to Google Chrome or another HTML5-capable browser.

  Edge 12 Edge 13 Edge 14 Edge 15 Edge 16 IE 6 IE 7 IE 8 IE 9 IE 10 IE 11
Windows XP           RTM SP2+ SP2+      
Windows 2003           RTM SP1+ SP2+      
Windows Vista             RTM RTM+ SP2+    
Windows 2008             RTM RTM+ SP2+    
Windows 7               RTM RTM+ SP1+ SP1+
Windows 2008 R2               RTM RTM+ SP1+ SP1+
Windows 8                   RTM  
Windows 2012                   RTM  
Windows 8.1                     RTM
Windows 2012 R2                     RTM
Windows 10.1507 (RTM) RTM                   RTM
Windows 10.1511 (November)   RTM                 RTM
Windows 10.1607 (Anniversary)     RTM               RTM
Windows 10.1703 (Creator)       RTM             RTM
Windows 10.1709 (Fall Creator)         RTM           RTM
Windows 2016                     RTM

In the chart above, the following abbreviations have meaning:

  • RTM: This is the initial version of the operating system without any patches installed.
  • SP#: This means that a numbered Service Pack containing a collection of updates is required.
  • +: In addition to the RTM or SP operating system release an additional patch is required.

What are transport security requirements?

The connection between your client browser and the pasPortal web servers is a secure connection.  It is secured using a combination of protocols, ciphers, hashes, and key exchanges.

The following compatibility matrix shows the protocols that have been in common use for the past decade.  Supported operating system and protocol permutations supported by pasPortal are indicated in GREEN while those that are not supported are indicated in RED and PURPLE.  Those permutations shown in RED  have been officially unsupported and blocked for quite some time.  Those in PURPLE have been officially unsupported but have been enabled for backwards compatibility for quite some time and effective immediately will be blocked.

Consult the chart below to see if your operating system is supported and to see if any additional steps are required to manually enable support for TLS 1.2.  Customers running Windows XP and Windows 2003 or older must upgrade to a new operating system because Microsoft will not be adding TLS 1.2 capabilities to these operating systems, as they are no longer supported.

  SSL 2.0 SSL 3.0 TLS 1.0 TLS 1.1 TLS 1.2
Windows XP RTM RTM RTM    
Windows 2003 RTM RTM RTM    
Windows Vista RTM RTM RTM SP2+U1 SP2+U1
Windows 2008 RTM RTM RTM SP2+U1 SP2+U1
Windows 7 RTM RTM RTM SP1+U2 SP1+U2
Windows 2008 R2 RTM RTM RTM SP1+U2 SP1+U2
Windows 8 RTM RTM RTM RTM RTM+U3
Windows 2012 RTM RTM RTM RTM RTM+U3
Windows 8.1 RTM RTM RTM RTM RTM+U3
Windows 2012 R2 RTM RTM RTM RTM RTM+U3
Windows 10.1507 (RTM) RTM RTM RTM RTM RTM
Windows 10.1511 (November) RTM RTM RTM RTM RTM
Windows 10.1607 (Anniversary) RTM RTM RTM RTM RTM
Windows 10.1703 (Creator) RTM RTM RTM RTM RTM
Windows 10.1709 (Fall Creator) RTM RTM RTM RTM RTM
Windows 2016 RTM RTM RTM RTM RTM

In the chart above the following abbreviations have meaning:

  • RTM: This is the initial version of the operating system without any patches installed.
  • SP#: This means that a numbered Service Pack containing a collection of updates is required.
  • +: In addition to the RTM or SP operating system release an additional patch is required.
  • U#: This indicates that a specific update from the table below is required.
U1 Enable TLS 1.2 on 2008/Vista https://support.microsoft.com/en-us/help/4019276/update-to-add-support-for-tls-1-1-and-tls-1-2-in-windows
U2 Enable TLS 1.2 on 2008 R2/7 https://support.microsoft.com/en-us/help/3080079/update-to-add-rds-support-for-tls-1-1-and-tls-1-2-in-windows-7-or-wind
U3 Enable TLS 1.2 on 7- 2012 https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in
B1 Blog on SSL and TLS support https://blogs.msdn.microsoft.com/kaushal/2011/10/02/support-for-ssltls-protocols-on-windows/

How do you decide what browsers and transport security requirements to enforce?

We monitor traffic to our pasPortal and other web-based applications to see what types and versions of browsers and operating systems our customers are using.  This information is useful to us because it tells us when our customers adopt and/or deprecate operating systems and browsers.  This in turn lets us know when we can start developing enhancements to pasPortal that take advantage of new browser features and when we can stop supporting legacy browsers.  Beyond that our policy is to try to support the largest array of browsers, operating systems, and transport options available without sacrificing security and still being able to use modern development technology to provide the proper balance of function and audience.

There does come a time, however, when continuing to support old browsers begins to present a security risk and that is the ultimate criteria for when we discontinue support for legacy browsers.  While we like to support as many browsers as possible, we will never hesitate to cut off support for any old browser if supporting it puts our infrastructure at risk.

The image below shows the result of the latest security scan performed against our pasPortal infrastructure.  We are quite proud to carry an A rating as we take security very seriously.

You can run this scan for yourself at anytime by clicking here.  You might even want to run this scan against some of your favorite sites (or even your corporate sites) - you might be surprised at just how safe some of them are.

We hope you find this article informative and welcome your feedback via the pasPortal web application.  Watch this blog for more information and timing on future infrastructure changes.
2024-04-24 02:40:47
© 2003 - 2024 pasUNITY, Inc. | Terms Of Use | Privacy Statement