Cipher Rules And Groups in BIG-IP v13
My mother used to always tell me two things before I left for school in the morning.
Be wary of what ciphers your application supports Never use the Default cipher list unless you have compatibi...
Updated Jun 06, 2023
Version 2.0
Cyril_M
Altostratus
AltostratusIt's good to know that you provide fine tuning for people who want to go deep in cipher management, but I would also appreciate a more intuitive approach for those who don't want to spend too much time in deciding what is good or wrong, based on Mozilla's recommandations for instance : max compatibility (not recommended) / Intermediate / Modern (max security) / Custom...
I'm surprised to see that in v14 the default "Clientssl" profile comes with the "No TLSv1.3" option enabled, why did you chose to exclude it by default ?
Also, why does the Cipher Rule "f5-default" comes with TLS1.3 whereas "f5-secure" doesn't use it ? I would have expected the opposite
Thanks anyway for the effort