 
					
				
			
			
				PCNSE
NSE
StrongSwan
When you mention strength of the key I gather you' re referring to the password that the user is using. If this is the case, our requirements are sufficient (min # of char, upper /lowercase, special chars, numbers, etc).No this would be the actual private-key strength, held by the ssl ( server )
When it comes to encryption, obviously we would be more comfortable with 256 bit. FortiNet seems to state that any of the above mentioned suites could be used. Why would they do this? Why not define a standard? I can' t be the first to ask for more info on the encryption type.I think there' s no such thing as one single standard, due to some many different browsers types. e.g The Us Gov has standard or set the standards on AES, but EU and Japan seems to think CAMELLIA is better. ( similar to US vrs UK and feet vrs meters or lb vrs kg ) This is why they list low med high ciphers in order to allow for the differences in browsers. Since in this SSL/TLS word, one single standard has not yet to be defined. Now for the forticlient, I would expect it would always take the highest level cipher that available. Even with a let' s say a HIGH cipher type, 128bit is deemed high depending on the cipher. (e.g) See image file AES128-RSA-SHA is high
 
					
				
			
			
				PCNSE
NSE
StrongSwan
I hate my first post to this form being a thread necromancer, but I am working on revising my company's System Security Plan now that we have a FWF 60-E.
We are running 6.0.3 as the IOS and I entered the CLI command to force the device to use a strong cipher. We are using the SSL VPN. I've gone over a lot of documentation and I haven't found a way to identify which cipher my device is using.
Does anyone know how to determine this, so I can make the appropriate changes to my SSP?
TIA!
Leigh
RegDOX Solutions Inc.
Exclusive Marketer of RegDOX Products and Services
One Tara Boulevard, Suite 300 www.RegDOX.com
Nashua, NH 03062
(603) 589-4830
hello friend, For an audit, they ask me to send a capture about "Encryption mechanism implemented for VPN traffic (ssl, ipsec, etc)", what do you mean? Would you understand what is the configuration of the vpn ssl in the FORTIGATE? Could you clear that doubt, I thank you
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2656 | |
| 1410 | |
| 810 | |
| 699 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.