Best Practices Cipher Set Updated
- Last Updated: November 13, 2023
- 1 minute read
- LoadMaster
- LoadMaster LTSF
- Documentation
In LoadMaster firmware version 7.2.52, the BestPractices cipher set was updated. The cipher set is now based on the recommendations provided in the Use Secure Cipher Suites section of the following SSL Labs article: SSL and TLS Deployment Best Practices. The following table shows the ciphers that remain in the BestPractices cipher in LMOS 7.2.52 in the left column, and the ciphers removed from the set in the right column:
| Carried Forward | Removed |
|---|---|
| ECDHE-ECDSA-AES256-GCM-SHA384 | DHE-RSA-AES256-GCM-SHA384 |
| ECDHE-RSA-AES256-GCM-SHA384 | DHE-DSS-AES256-GCM-SHA384 |
| ECDHE-RSA-AES256-SHA384 | DHE-RSA-AES256-SHA256 |
| ECDHE-ECDSA-AES256-SHA384 | DHE-DSS-AES256-SHA |
| ECDHE-RSA-AES128-GCM-SHA256 | DHE-RSA-AES256-SHA |
| ECDHE-ECDSA-AES128-GCM-SHA256 | DHE-RSA-AES128-GCM-SHA256 |
| ECDHE-RSA-AES128-SHA256 | DHE-DSS-AES128-GCM-SHA256 |
| ECDHE-ECDSA-AES128-SHA256 | DHE-RSA-AES128-SHA256 |
| DHE-RSA-AES128-SHA | |
| DHE-DSS-AES128-SHA256 | |
| ECDHE-RSA-AES256-SHA | |
| ECDHE-ECDSA-AES256-SHA | |
| ECDHE-RSA-AES128-SHA | |
| ECDHE-ECDSA-AES128-SHA |
In addition to the above, the following two ciphers were added to the BestPractices set:
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-CHACHA20-POLY1305