All external communications with the Movere Cloud, such as token download, payload upload, and user interactions with the Movere website, are performed over a TLS 1.2 connection. TLS 1.2. is required to download and install the Movere Console and for uploading payloads directly to the cloud, both from the target devices and the Movere Console. Whether uploading payloads directly from the target devices or through the Movere Console, TLS 1.2. is required for all communication with the cloud.
If a target device does have internet connectivity and automatic uploading to the cloud is enabled but the target device does not support TLS 1.2, all payloads for the target device will be uploaded back through the Movere Console.
Movere support TLS 1.2 as well as older TLS versions for internal communication between the Movere Console and target devices. When scanning older Windows systems, (e.g. Windows 2003/XP, 2003, 2008), which do not support TLS 1.2, Movere can use TLS 1.0 or TLS 1.1. to secure internal communications as long as the Console device also support these older versions. If the Console device does not support the same version of TLS as the target device(s), communication cannot be established and payload uploading and credential propagation (i.e. for SQL scanning) will fail.
If automatic uploading is disabled to force all payloads to upload through the Console, the Console and target devices must still support the same version of TLS to ensure internal communications between the two are secured.
Microsoft has been working to stop use of TLS 1.1 since June of 2017. Recent updates to Windows 10 have disabled TLS 1.1 completely. You may be able to manually enable TLS 1.0 or TLS 1.1 on the Console device if you need to scan an older machine where TLS 1.2 is not supported. Alternatively, you may enable TLS 1.2 on all target devices. Please see the Microsoft support article on Transport Layer Security (TLS) registry settings for more information.