The SSL Visibility Appliances support a broad list of options for ciphers, HMACS, Host Key Algorithms, Key Exchange Algorithms, and Public Key Auth Accepted Algorithms.

SSL Visibility allows the following ciphers:

• [email protected]
• [email protected]
• [email protected]
• aes128-ctr
• aes192-ctr
• aes256-ctr

The following HMACS are supported on the SSL Visibility:

• [email protected]
• [email protected]
• hmac-sha2-256 hmac-sha2-512
• [email protected]
• hmac-sha1

SSL Visibility supports these Host Key Algorithms:

• ssh-ed25519
• ecdsa-sha2-nistp256
• ecdsa-sha2-nistp384
• ecdsa-sha2-nistp521
• rsa-sha2-512 rsa-sha2-256
• ssh-rsa

The Key Exchange Algorithms support on SSL Visibility are:

• curve25519-sha256
• [email protected]
• ecdh-sha2-nistp256
• ecdh-sha2-nistp384
• ecdh-sha2-nistp521
• diffie-hellman-group-exchange-sha256
• diffie-hellman-group14-sha256
• diffie-hellman-group16-sha512
• diffie-hellman-group18-sha512
• diffie-hellman-group14-sha

The Public Key Auth Accepted Algorithms the SSL Visibility accepts are:

• ssh-ed25519
• ecdsa-sha2-nistp256
• ecdsa-sha2-nistp384
• ecdsa-sha2-nistp521
• rsa-sha2-512
• rsa-sha2-256
• ssh-rsa

Over time, some ciphers, HMACs, Host Key Algorithms, Key Exchange Algorithms, and Public Key Auth Accepted Algorithms may become deprecated.  In this case you may want to remove them from the options SSL Visibility software supports.  This can be done and is documented in the following Knowledge Base Article.

Disabling ciphers