The /listTLSCiphers
option displays the currently configured/allowed TLS ciphers for the given BigFix instance. You can of course adjust these per your requirements given the other options defined in the documentation link you referenced (though I’d suggest v10 documentation given that your server is v10.0.8 and in case there are differences here
https://help.hcltechsw.com/bigfix/10.0/platform/Platform/Installation/c_security_ciphers.html)
By defining a more strict set of ciphers, it is certainly possible to prevent older Clients (that are not able to leverage the more strict set of ciphers) from communicating with the BigFix infrastructure. As such, it is very important to test changes (including against different Client platforms and versions that you have in the environment) ahead of wide ‘production’ roll-outs. It’s not that the Client would be ‘bricked’, but it will take manual intervention to get the Client to be able to communicate with the BigFix infrastructure once more (i.e. the Client’s masthead will have to be replaced with one that includes an allowed ciphers configuration that the Client is able to utilize).