What Cipher to be used incase of POODLE/BEAST/SWEET32
Am working on Big IP 11.5.x Version , where am asked to fix the vulnerabilities on many of the below attacks.
TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32)
TLS/SSL Server Does Not Support Any Strong Cipher Algorithms
TLS/SSL Server is enabling the BEAST attack
TLS/SSL Server is enabling the POODLE attack
TLS/SSL Server Supports 3DES Cipher Suite
TLS/SSL Server Supports RC4 Cipher Algorithms (CVE-2013-2566)
TLS/SSL Server Supports SSLv3
TLS/SSL Server Supports The Use of Static Key Ciphers
Untrusted TLS/SSL server X.509 certificate
Here's what I am currently using - !RC4:!3DES:!RSA+AES:!SSLv2:!SSLv3:!TLSv1_1:ECDHE+AES-GCM
However, this isn't stopping the above attacks. Could somebody tell what cipher suit could be used ?