What Kerberos version is supported in ProxySG? Can the Proxy control which encryption algorithm or hashing algorithm are used?
ProxySG uses Kerberos version 5.
ProxySG does not control which encryption algorithms are used. It is the user account setting for the service in KDC that decides the type of encryption being used. Clients will forward the Kerberos token it got from the KDC and ProxySG will simply decrypt the Kerberos token received either based on its machine account password or domain account password with which SPN was created depending on the type of the deployment.
More details about Windows Configurations for Kerberos Supported Encryption Type can be found: