Forum Discussion

Altostratus

Jun 03, 2020

What Cipher to be used incase of POODLE/BEAST/SWEET32

Am working on Big IP 11.5.x Version , where am asked to fix the vulnerabilities on many of the below attacks. TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32) TLS/SSL Server Doe...

MVP

Jun 07, 2020

Upgrade the load balancer to mitigate major attack types.

All the questions can be solved except "Untrusted TLS/SSL server X.509 certificate".

Below ciphers will help to achieve good SSL Rating in your version.

!SSLv2:!EXPORT:!DHE+AES-GCM:!DHE+AES:ECDHE+AES-GCM:ECDHE+AES:RSA+AES-GCM:RSA+AES:-MD5:-SSLv3:-RC4:!3DES

Try and let us know.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

What Cipher to be used incase of POODLE/BEAST/SWEET32

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

NGINX event logs send to F5 Data Collection Device and analysis from BIG-IQ it possible or not?

Failed to execute iptable cmd: ," CMD="iptables -A SSH_ALLOW_RULES error

Cannot ping external interface

HA Failover between two Datacenters

LTM issue Openning new web browser tab

Related Content

Cipher Suite Practices and Pitfalls

Future-Proofing Your Network: Enabling Quantum Ciphers on F5 BIG-IP TMOS 17.5.1

LTM Cipher rule

Breaking Down the Quantum Challenge: TLS Cipher Suite Vulnerabilities and FIPS Post-Quantum Standards Explained

Disabling Weak Ciphers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS