F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Rose's avatar
Rose
Icon for Altostratus rankAltostratus
Jun 03, 2020

What Cipher to be used incase of POODLE/BEAST/SWEET32

Am working on Big IP 11.5.x Version , where am asked to fix the vulnerabilities on many of the below attacks.   TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32) TLS/SSL Server Doe...
BIG-IP
devops
LTM
Super-NetOps
Samir's avatar
Samir
Icon for MVP rankMVP
Jun 07, 2020

Upgrade the load balancer to mitigate major attack types.

All the questions can be solved except "Untrusted TLS/SSL server X.509 certificate".

Below ciphers will help to achieve good SSL Rating in your version.

!SSLv2:!EXPORT:!DHE+AES-GCM:!DHE+AES:ECDHE+AES-GCM:ECDHE+AES:RSA+AES-GCM:RSA+AES:-MD5:-SSLv3:-RC4:!3DES

Try and let us know.