Hey folks,
I get the question alot, “what’s SSL ciphers should I be using on my FIPS ADC boxes to achieve the highest levels of security?”. Here’s the answer. You should be using TLS 1.2 ONLY for all perimeter facing traffic, that means SSLv2, SSLv3, TLS1.0, and TLS1.1 are disabled. I use a default SSL profile for this to make sure I don’t oops on a new vServer being created. Always good to have the extra level of comfort knowing the default is system high.
Next, I also make sure to go with the strongest ciphers possible. These are the algorithm at which the client – server traffic will communicate. On the ADC 12.1 code, there are a number of FIPS compliant ciphers supported in a precreated cipher group with the name of FIPS. However, this group by default does include some weaker ciphers to allow some backwards compatibility for some older clients that may not support the stronger/newer ciphers yet. This group also does not have the cipher listed in the stronger to weaker order properly. By default, I recommend the following be made via the CLI for the strongest TLS 1.2 FIPS compliant cipher group for ECDSA ciphers ONLY.
add ssl cipher FIPS_12-1_TLS12_ECDSA
bind ssl cipher FIPS_12-1_TLS12_ECDSA -cipherName TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384 -cipherPriority 1
bind ssl cipher FIPS_12-1_TLS12_ECDSA -cipherName TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256 -cipherPriority 2
bind ssl cipher FIPS_12-1_TLS12_ECDSA -cipherName TLS1.2-ECDHE-ECDSA-AES256-SHA384 -cipherPriority 3
bind ssl cipher FIPS_12-1_TLS12_ECDSA -cipherName TLS1.2-ECDHE-ECDSA-AES128-SHA256 -cipherPriority 4
bind ssl cipher FIPS_12-1_TLS12_ECDSA -cipherName TLS1-ECDHE-ECDSA-AES256-SHA -cipherPriority 5
bind ssl cipher FIPS_12-1_TLS12_ECDSA -cipherName TLS1-ECDHE-ECDSA-AES128-SHA -cipherPriority 6
If your certificate is still using an RSA key (that’s ok), then you’ll need to make sure the RSA ciphers are also in the cipher group. This list below includes those.
add ssl cipher FIPS_Reordered_FW121_TLS12
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384 -cipherPriority 1
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256 -cipherPriority 2
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-ECDHE-ECDSA-AES256-SHA384 -cipherPriority 3
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-ECDHE-ECDSA-AES128-SHA256 -cipherPriority 4
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-ECDHE-RSA-AES256-GCM-SHA384 -cipherPriority 5
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-ECDHE-RSA-AES128-GCM-SHA256 -cipherPriority 6
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-ECDHE-RSA-AES-256-SHA384 -cipherPriority 7
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-ECDHE-RSA-AES-128-SHA256 -cipherPriority 8
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-AES256-GCM-SHA384 -cipherPriority 9
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-AES128-GCM-SHA256 -cipherPriority 10
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-AES-256-SHA256 -cipherPriority 11
bind ssl cipher FIPS_Reordered_FW121_TLS12 -cipherName TLS1.2-AES-128-SHA256 -cipherPriority 12
Beyond this, you’ll want to be using elliptical curve cryptography to achieve perfect forward secrecy, and make sure you’re using strong SSL Server certificates with RSA 256 or 512 key strength or ECDSA 512. You’ll also want to be using HTTP Strict Transport Security (HSTS), here is how on 12.0/12.1 and older.
Hope this helps. Please feel free to drop a comment with any questions or feedback.
Till next time, thanks for reading.
-Shane
shilllabs.com 