ORIGINAL: ede_pfau I see - reduce the computational load a bit: - from SHA256 to SHA1 - from DH group 5 to group 2 (shorter keylength), both in phase 1 and 2 You won' t loose any significant measure of security by following this. Be cautious before you switch firmware versions. You can always go to 4.2.11 if you' re on a lesser patch level. But think twice before upgrading to a 4.3 release. Experience shows that it' s got more functionality and higher memory footprint. Don' t take my word for it, have a look at the 100+ posts about 4.3 ...Does fortinet have any plans to optimize for SHA256 or is it a hardware limitation?
-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.