Does anyone know if HSTS Strict Transport Security is supported on the SA? I understand most major browsers support it now and it seems the best way currently to prevent sslstrip MitM attacks.
No, you will need an enhancement request for that. In the meantime, it looks like you can achieve similar by making sure your firewall does not allow HTTP to HTTPS redirection and setting the IVE security settings to not allow weak ciphers
