TLS 1.0 and 1.1 share the ability to downgrade, and most vendors are in the process of depreciating these standards (most likely during 2020).
The PCI DSS standard is TLS 1.2 as of 30 June 2018, which is the version recommended by Symantec. As of the writing of this article, TLS 1.3 is not supported by SMG, but is on the roadmap for inclusion in a future version.
Steps to disable support for earlier TLS protocols for SMTP via GUI:
In the GUI, go to Protocols > SMTP> Settings > SSL Restrictions.
Select the latest version that will be disabled (e.g. TLS 1.0 will disable SSLv3 and TLS 1.0, but TLS 1.1 will still be used).
Steps to disable support for earlier TLS protocols via command line:
Connect to the console of the Control Center with the SMG's built-in admin account.
Enter the following command with the version of TLS that will be used: