Table of Contents
Advertisement
TLS cipher suites
Supported TLS cipher suites
EMC Unity All Flash, EMC Unity Hybrid, EMC UnityVSA 4.0 Security Configuration Guide
68
A cipher suite defines a set of technologies to secure your TLS communications:
Key exchange algorithm (how the secret key used to encrypt the data is
l
communicated from the client to the server). Examples: RSA key or Diffie-Hellman
(DH)
Authentication method (how hosts can authenticate the identity of remote hosts).
l
Examples: RSA certificate, DSS certificate, or no authentication
Encryption cipher (how to encrypt data). Examples: AES (256 or 128 bits) or
l
3DES (168 bits)
Hash algorithm (ensuring data by providing a way to determine if data has been
l
modified). Examples: SHA-2 or SHA-1
The supported cipher suites combine all these items.
The following list gives the OpenSSL names of the TLS cipher suites for the storage
system and the associated ports.
Table 20 Default/Supported TLS cipher suites supported on the storage system
Cipher Suites
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLSv1.2
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA2
56
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA3
84
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA2
56
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA3
84
TLS_RSA_WITH_AES_128_CBC_SHA
Protocols
TLSv1, TLSv1.1, TLSv1.2
TLSv1, TLSv1.1, TLSv1.2
TLSv1.2
TLSv1.2
TLSv1.2
TLSv1, TLSv1.1, TLSv1.2
TLSv1, TLSv1.1, TLSv1.2
TLSv1.2
TLSv1.2
TLSv1.2
TLSv1.2
TLSv1, TLSv1.1, TLSv1.2
Ports
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
443, 8443,
8444
5989
Hide quick links:
Advertisement
Table of Contents
