Forum Discussion

Altostratus

Jun 03, 2020

What Cipher to be used incase of POODLE/BEAST/SWEET32

Am working on Big IP 11.5.x Version , where am asked to fix the vulnerabilities on many of the below attacks. TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32) TLS/SSL Server Doe...

MVP

Jun 07, 2020

Upgrade the load balancer to mitigate major attack types.

All the questions can be solved except "Untrusted TLS/SSL server X.509 certificate".

Below ciphers will help to achieve good SSL Rating in your version.

!SSLv2:!EXPORT:!DHE+AES-GCM:!DHE+AES:ECDHE+AES-GCM:ECDHE+AES:RSA+AES-GCM:RSA+AES:-MD5:-SSLv3:-RC4:!3DES

Try and let us know.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

What Cipher to be used incase of POODLE/BEAST/SWEET32

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Why does SSLO not support ACTIVE-ACTIVE mode deployments？

Failed to set RDP launch token timeout

Horizon View iApp - Big-IP 17.5

r4600 Tenant CPU Assignment

master key file on vcmp guest HA Cluster different?

Related Content

Cipher Suite Practices and Pitfalls

LTM Cipher rule

Disabling Weak Ciphers

Disable below cipher

Cipher Suites Supported (12.1.5.3)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS