Forum Discussion

Altostratus

Jun 03, 2020

What Cipher to be used incase of POODLE/BEAST/SWEET32

Am working on Big IP 11.5.x Version , where am asked to fix the vulnerabilities on many of the below attacks. TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32) TLS/SSL Server Doe...

MVP

Jun 07, 2020

Upgrade the load balancer to mitigate major attack types.

All the questions can be solved except "Untrusted TLS/SSL server X.509 certificate".

Below ciphers will help to achieve good SSL Rating in your version.

!SSLv2:!EXPORT:!DHE+AES-GCM:!DHE+AES:ECDHE+AES-GCM:ECDHE+AES:RSA+AES-GCM:RSA+AES:-MD5:-SSLv3:-RC4:!3DES

Try and let us know.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

What Cipher to be used incase of POODLE/BEAST/SWEET32

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

Cipher Suite Practices and Pitfalls

LTM Cipher rule

Future-Proofing Your Network: Enabling Quantum Ciphers on F5 BIG-IP TMOS 17.5.1

Disable below cipher

Disabling Weak Ciphers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS