Forum Discussion
Al_Faller_1969
Nimbostratus
NimbostratusSSL Cipher Order on LTM
Hi All -
With this whole POODLE thing, I'm reevaluating my cipher string. I am considering going with the DEFAULT setting that F5 provides (11.5.1), but I notice that it has the forward secrecy...
mimlo_61970
Cumulonimbus
CumulonimbusI can't say the reason for the default order, though it has seemed in the past F5 has preferred speed over encryption strength. I have switched to using my own lists on sites that I need the highest security on.
Also, I would drop RC4 completely. See https://support.f5.com/kb/en-us/solutions/public/14000/600/sol14638.html Even if you upgrade to 11.6 to mitigate this attack, most people tend to consider it broken and not advisable to use.
