Reference Guide
* Group : HTTPS
* Rules : Textual openssl cipherlist (colan,comma and space separated)
* Example: ALL:-MD5:!PSK
* Valid options: Ciphers
*/
[HTTPS]
Ciphers:!ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM:!SSLv3
Default_fips
FIPS template has the ciphers that are certified for Brocade products.
/************************************************************************
* Brocade - FIPS Template for Security Crypto Configuration
*
* Desc:
*
* Default values for security crypto configurations for FIPS compliance
*
*************************************************************************/
[Ver] 0.1
/*
* Group : SSH
* Rules : Comma Separated
* Example : aes128-ctr,aes192-ctr -> Note, no space before and after comma.
* Valid options: Kex, Mac, Enc
*/
[SSH]
Enc:aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
Kex:ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
Mac:hmac-sha1,hmac-sha2-256,hmac-sha2-512
/*
* Group : AAA
* Rules : Textual openssl cipherlist (colan,comma and space separated)
* Example: ALL:-MD5:!PSK
* Valid options: RAD_Ciphers, LDAP_Ciphers
*/
[AAA]
RAD_Ciphers:!ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
LDAP_Ciphers:!ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
/*
* Group : HTTPS
* Rules : Textual openssl cipherlist (colan,comma and space separated)
* Example: ALL:-MD5:!PSK
* Valid options: Ciphers
*/
[HTTPS]
Ciphers:!ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
/*
* Group : FIPS
* Rules : Applicable only to FIPS mode configuration. "yes" for configuration enabled and "no" for disabled
* Example: "yes" OR "no"
* Valid options: SelfTests, BootProm, Enable
*/
[FIPS]
SelfTests:yes
BootProm:no
Zeroize:yes
Enable:yes
Configuring Protocols
Brocade Fabric OS Administration Guide, 8.0.1
53-1004111-02 193