Manualshelf

Hardware manual

ManualsBrandsSecure Computing ManualsComputer equipmentADMINGUIDEREVA
31323334353637383940
80-001113 SysLINK Administrator’s Guide Page 30
kRSA: RSA Public Key Exchange
aRSA: RSA Authentication
3DES: Triple DES Encryption
DES: DES Encryption
RC4: RC4™ Encryption
RC2: RC2™ Encryption
MD5: MD5 128-bit Message Digest
SHA1: SHA1/DSS1 160-bit Message Digest
Each cipher may also be prefixed with one of the following operators:
-: Exclude cipher from list (may be re-added by later options)
+: Move cipher to the end of the list
!: Permanently exclude cipher from this list
Finally, the @STRENGTH cipher string may be appended to the end of the list to specify that
SSL negotiations give preference to higher-strength ciphers.
Click the help associated with this field to find the set of ciphers currently supported in the
software on your Gateway.
Example
The cipher string ALL:!SSLv2:!ADH:!LOW:!EXP:!MD5:@STRENGTH is commonly used to
disallow all the ciphers that are considered unacceptably weak. This cipher string enables all
the supported SSL ciphers except for: SSL version 2 handshaking, Anonymous Diffie-
Hellman, low-encryption ciphers, export encryption ciphers, and MD5. In addition, the SSL
negotiation is instructed to choose the strongest ciphers supported by both SSL peers.