Forum Discussion
nitass
Employee
i normally see people using cipher string from this sol if there is no special requirement.
sol13171: Configuring the cipher strength for SSL profiles (11.x)
http://support.f5.com/kb/en-us/solutions/public/13000/100/sol13171.html
for tcp timestamp, is it this one?
TCP timestamp response
http://www.rapid7.com/db/vulnerabilities/generic-tcp-timestamp
sol8072: Obtaining uptime information from TCP timestamps
http://support.f5.com/kb/en-us/solutions/public/8000/000/sol8072.html
nitass
Sep 06, 2014Employee
dh is natively supported in 11.2.1
Diffie-Hellman SSL key exchange cipher
The Diffie-Hellman SSL key exchange cipher, which provides perfect forward secrecy (PFS), is now included natively. This provides better performance for configurations using Diffie-Hellman, especially on physical platforms that have hardware SSL acceleration.
Release Note: BIG-IP LTM and TMOS 11.2.1
http://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-2-1.html