We had an external penetration test for our TMG server. It detected that the TMG allowed the use of SSLv2. I believe this is a pretty common occurence with the TMG based on this site:
http://www.isaserver.org/articles-tutorials/configuration-security/improving-ssl-security-forefront-threat-management-gateway-tmg-2010-published-web-sites.html
Before I go through the exercise of disabling SSLv2, I would like to know if I have any clients using SSLv2 against any of our hosted sites. If I knew which devices and rules they were hitting, it would give me something I could test after disabling SSLv2 to make sure those devices still work with higher encryption.
Thank you.