Sabir_Alvi
Feb 16, 2018Altocumulus
Bigip 11.2.1 - weak ciphers
I have BiGIP 11.2.1 in my test lab and below Cipher suite for SSL profile:
TLSv1_2:!SSLv3:!RC4-SHA:!3DES:!DH:!ADH:!EDH:!MD5:!EXPORT:!DES:@STRENGTH
However there are few open weak ciphers when I scan --
[TLS_RSA_WITH_AES_256_CBC_SHA (0x35) ]
[TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) ]
[TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) ]
[TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) ]
Can someone advise if these can be blocked at all in 11.2.1? If yes, please share the ciphers.