FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
M_Abdelhamid
Staff
Staff
Article Id 405197
Description

 

This article describes the cipher suite TLS1.2 concept and provides an explanation of how it works.

 

Scope

 

Any Fortinet products which support cipher suite 1.2.

 

Solution

 

Cipher suites are collections of protocols and algorithms that facilitate the establishment of secure connections over networks using Transport Layer Security (TLS), commonly referred to as Secure Sockets Layer (SSL). These suites play a crucial role in securing the data exchanged between clients and servers by determining the set of encryption methods and other necessary security procedures.

 

When establishing a secure HTTPS connection, the web server and the client first undergo a process known as the SSL handshake. This handshake, which can be intricate, involves both parties agreeing on a cipher suite to use for their communication. Once a common cipher suite is selected, it is then used to create and maintain a secure encrypted HTTPS session.

 

The following illustration outlines the information provided by a cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.

 

Starting from left to right:

 

  • TLS: Protocol.
  • ECDHE: Key exchange algorithm.
    RSA: Authentication algorithm.
  • AES_128_GCM: Encryption algorithm.
  • SHA256: Hash algorithm.