About Web Security Appliance
The Cisco Web Security Appliance intercepts and monitors Internet traffic and applies policies to help keep your internal network secure from malware, sensitive data loss, productivity loss, and other Internet-based threats.
Supported Ciphers
This section contains the list of supported ciphers (SSL and SSH) for AsyncOS for Web Security Appliance.
Port 8443 (Management Interface)
TLS 1.0 |
TLS 1.1 |
TLS 1.2 |
---|---|---|
ECDHE-RSA-AES256-SHA - YES |
ECDHE-RSA-AES256-SHA - YES |
ECDHE-RSA-AES256-GCM-SHA384 - YES |
DHE-RSA-AES256-SHA - YES |
DHE-RSA-AES256-SHA - YES |
ECDHE-RSA-AES256-SHA384 - YES |
DHE-RSA-CAMELLIA256-SHA - YES |
DHE-RSA-CAMELLIA256-SHA - YES |
ECDHE-RSA-AES256-SHA - YES |
AES256-SHA - YES |
AES256-SHA - YES |
DHE-RSA-AES256-GCM-SHA384 - YES |
CAMELLIA256-SHA - YES |
CAMELLIA256-SHA - YES |
DHE-RSA-AES256-SHA256 - YES |
ECDHE-RSA-DES-CBC3-SHA - YES |
ECDHE-RSA-DES-CBC3-SHA - YES |
DHE-RSA-AES256-SHA - YES |
EDH-RSA-DES-CBC3-SHA - YES |
EDH-RSA-DES-CBC3-SHA - YES |
DHE-RSA-CAMELLIA256-SHA - YES |
DES-CBC3-SHA - YES |
DES-CBC3-SHA - YES |
AES256-GCM-SHA384 - YES |
ECDHE-RSA-AES128-SHA - YES |
ECDHE-RSA-AES128-SHA - YES |
AES256-SHA256 - YES |
DHE-RSA-AES128-SHA - YES |
DHE-RSA-AES128-SHA - YES |
AES256-SHA - YES |
DHE-RSA-SEED-SHA - YES |
DHE-RSA-SEED-SHA - YES |
CAMELLIA256-SHA - YES |
DHE-RSA-CAMELLIA128-SHA - YES |
DHE-RSA-CAMELLIA128-SHA - YES |
ECDHE-RSA-DES-CBC3-SHA - YES |
AES128-SHA - YES |
AES128-SHA - YES |
EDH-RSA-DES-CBC3-SHA - YES |
SEED-SHA - YES |
SEED-SHA - YES |
DES-CBC3-SHA - YES |
CAMELLIA128-SHA - YES |
CAMELLIA128-SHA - YES |
ECDHE-RSA-AES128-GCM-SHA256 - YES |
ECDHE-RSA-AES128-SHA256 - YES |
||
ECDHE-RSA-AES128-SHA - YES |
||
DHE-RSA-AES128-GCM-SHA256 - YES |
||
DHE-RSA-AES128-SHA256 - YES |
||
DHE-RSA-AES128-SHA - YES |
||
DHE-RSA-SEED-SHA - YES |
||
DHE-RSA-CAMELLIA128-SHA - YES |
||
AES128-GCM-SHA256 - YES |
||
AES128-SHA256 - YES |
||
AES128-SHA - YES |
||
SEED-SHA - YES |
||
CAMELLIA128-SHA - YES |
Port 443 (SSL Port)
TLS 1.0 |
TLS 1.1 |
TLS 1.2 |
TLS 1.3 |
||||
---|---|---|---|---|---|---|---|
ECDHE-RSA-AES128-S HA - YES |
ECDHE-RSA-AES128-S HA - YES |
DHE-RSA-AES256-GC M-SHA384 - YES |
TLS_AES_128_G CM_SHA256 - YES |
||||
ECDHE-ECDSA-AES12 8-SHA - YES |
ECDHE-ECDSA-AES12 8-SHA - YES |
DHE-RSA-AES128-GC M-SHA256 - YES |
TLS_CHACHA20_ POLY1305_SHA2 56 - YES |
||||
DHE-RSA-AES256-SHA - YES |
DHE-RSA-AES256-SHA - YES |
DHE-RSA-AES256-SHA 256 - YES |
TLS_AES_256_G CM_SHA384 - YES |
||||
DHE-RSA-AES128-SHA - YES |
DHE-RSA-AES128-SHA - YES |
DHE-RSA-AES256-SHA - YES |
|||||
AES256-SHA - YES |
AES256-SHA - YES |
DHE-RSA-AES128-SHA - YES |
|||||
AES128-SHA - YES |
AES128-SHA - YES |
DHE-RSA-AES128-SHA 256 - YES |
|||||
AES256-GCM-SHA384 - YES |
|||||||
AES256-SHA256 - YES |
|||||||
AES256-SHA - YES |
|||||||
AES128-GCM-SHA256 - YES |
|||||||
AES128-SHA256 - YES |
|||||||
AES128-SHA - YES |
|||||||
ECDHE-ECDSA-AES25 6-GCM-SHA384 - YES |
|||||||
ECDHE-ECDSA-CHAC HA20-POLY1305 - YES |
|||||||
ECDHE-ECDSA-AES12 8-GCM-SHA256 - YES |
|||||||
ECDHE-ECDSA-AES25 6-SHA384 - YES |
|||||||
ECDHE-ECDSA-AES12 8-SHA256 - YES |
|||||||
ECDHE-ECDSA-AES12 8-CCM - YES |
|||||||
ECDHE-ECDSA-AES25 6-CCM - YES |
|||||||
ECDHE-RSA-AES256-G CM-SHA384 - YES |
|||||||
ECDHE-RSA-CHACHA 20-POLY1305 - YES |
|||||||
ECDHE-RSA-AES128-G CM-SHA256 - YES |
|||||||
ECDHE-RSA-AES256-S HA384 - YES |
|||||||
ECDHE-RSA-AES128-S HA256 - YES |
|||||||
ECDHE-RSA-AES128-S HA - YES |
|||||||
Default Mode: DHE-RSA-AES128-SHA - YES AES128-SHA - YES |
Default Mode: DHE-RSA-AES128-SHA - YES AES128-SHA - YES |
Default Mode: AES256-GCM-SHA384 - YES AES256-SHA256 - YES DHE-RSA-AES128-SHA - YES AES128-GCM-SHA256 - YES AES128-SHA256 - YES AES128-SHA - YES |
Default Mode: TLS_AES_256_G CM_SHA384 - YES |
||||
|
|
Port 22 (SSH Port)
ssh2-enum-algos:
1. kex_algorithms (7):
|
2. encryption_algorithms (8):
|
3. server_host_key_algorithms (4):
|
4. mac_algorithms (4):
|
5. compression_algorithms (2):
|
Unsupported Ciphers
This section contains the list of unsupported ciphers.
Port 8443 (Management Interface)
SSL V 3.0 |
TLS 1.0 |
---|---|
RC4-MD5 |
RC4-MD5 |
RC4-SHA |
RC4-SHA |