I don't know for certain, someone from HEAT will have to answer. My guess would be that it would be based on the cypher mechanism as you mentioned. I don't think they would try to restrict it by User Agent string.
Since it has to do with older encryption mechanisms (SSL/RC4) , I would assume that if the browser can't handle the newer encryption mechanisms, the pages just won't load after the initial login. We experienced this when they attempted to turn it off before during testing of 2015.1 (I think) release. I've had mixed results using IE's compatibility mode so IE9 and later versions may still load even in compatibility mode.
Not bang on topic but if you want to get your user endpoints onto either Chrome or IE11 you can use our HEAT Endpoint Management & Security Suite's Patch & Remediation module to push out Chrome and IE 11 software updates with a secure browser configuration and the use our Application control to only allow these two browsers and versions to run or execute on your endpoints.Ivanti Endpoint Security (Formerly HEAT EMSS)
1 of 1 people found this helpful
Nice sales pitch! However, keep in mind that most of us are restricted on browser version as a corporate standards policy.
Of course but there is policy, technical controls and audit to complete the people, process technology loop and ensure policy is more than just a document in a filing cabinet!
3 of 3 people found this helpful
On January 15th, HEAT Software will remove support for the RC4 cipher in the web servers hosting HEAT service management. At that time, browsers such as IE-8 or older that cannot negotiate https using a newer cipher will not be able to get to the login page anymore.
HEAT held off supporting IE-8 as long as possible, but due to the change by newer browsers starting in February that will not negotiate an https connection to sites still supporting RC4, we were forced to support only IE-8 or before, or only newer browsers.
Hope that is helpful,
Dir. Product Management, HEAT software