Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Jonathan_Body_FTNT
Staff
Staff

Created on ‎03-14-2011 06:07 AM Edited on ‎02-05-2024 09:54 AM By Moderator

Article Id 197079

Technical Tip: How to strengthen SSL ciphers in FortiOS

Description

This article explains how to strengthen SSL ciphers when using FortiOS.


Scope

FortiOS v4.0 and above.
FortiOS v4.0 MR3 and above for SSL offload and Wan Optimization.


Solution

To strengthen HTTPS access to the FortiGate connect to the CLI and run the following commands:
config system global
set strong-crypto enable
end
To strengthen SSL VPN ciphers run the following commands on the CLI:
config vpn ssl settings
set sslv2 disable
set sslv3 enable
set algorithm high
end
Use FortiOS v4.0 MR3 and above to run these commands for SSL offload and Wan Optimization.

 

3069
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.