6: Basic Parameters
SLC™ 8000 Advanced Console Manager User Guide 87
For SSL, the SLC unit will support the following cipher suites:
AES128-SHA
AES128-SHA256
AES128-GCM-SHA256
AES256-SHA
AES256-SHA256
AES256-GCM-SHA384
SSL/secure certificates imported for use with the web server or LDAP authentication must use
either the SHA1 or SHA2 hash with a RSA public key of 1024, 2048 or 3072 bits.
For SSH, the SLC unit will support the following cipher suites:
* AEAD-AES-128-GCM-SSH
* AEAD-AES-256-GCM-SSH
* AES128-CTR
* AES256-CTR
* AES192-CTR
SSH Keys imported for use with SSH authentication must use a RSA public key of 1024, 2048 or
3072 bits. SSH Keys exported by the SLC must use a RSA public key of 2048 or 3072 bits.
When the SLC unit is running in FIPS mode, the following protocols/functions will not be
supported: NIS, Kerberos, RADIUS, TACACS+, Telnet/WebTelnet, WebSSH, IPSec/VPN, SSH
v1, FTP, PPP, CIFS/Samba, TCP, UDP, unencrypted LDAP, and SNMP. If any of these protocols/
functions are enabled prior to enabling FIPS mode, they will be automatically disabled.
LDAP authentication must be configured with the following:
StartTLS encryption (SSL encryption over port 636 is not supported)
A SSL/secure certificate
Either Bind with Login or a Bind Name and Password
Note: In FIPS mode, passphrases are not supported for SSH keys and SSL certificates.
Figure 6-7 Network > Security
To Next Page
Loading...
Need help?
General
Weight and Dimensions
