  • It brings you a cup of tea in the morning.

    Apart from security and performance, I'm not sure what else you could want from a secure connection.

  • Copied from a post by Luis Casillas on Stack Exchange regarding CBC v GCM that may be illuminating:

    GCM = CTR + Authentication.

    But in general you are right; CBC is an older mode that was invented back in the dark ages cryptographically speaking (no later than the 1970s), and is now disfavored because of the lack of built-in authentication and all the trouble that's been caused by padding oracles. One good practical example of this is that TLS 1.3 got rid of support for CBC.

    GCM isn't a panacea either, however. It is strictly speaking correct, but has proven itself to be far from foolproof in practice:

    1. It fails spectacularly if you reuse a nonce. A single repeated nonce allows an adversary to recover its authentication subkey, plus to learn the XOR of the two messages with the same nonce.
    2. Its nonces are uncomfortably short (96 bits), which can be tricky to use with random nonces.

    CBC doesn't have these problems. Random IVs work just fine (and are in fact required), and if you do repeat an IV you don't get catastrophic failure, you just leak information about equal plaintext prefixes.
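A small Go program to check point 1 above for yourself: two GCM messages sealed under the same key and nonce let anyone holding both ciphertexts compute p1 XOR p2, while the counter-derived nonce (the RFC 5116 prefix plus counter layout) only collides if the counter itself is reused. This is an added example, not code from the quoted post or from Sophos; the key and the messages are constructed demo values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// xorBytes returns a XOR b, truncated to the shorter of the two inputs.
func xorBytes(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// XORLeaks seals p1 under nonce n1 and p2 under nonce n2 with one key and reports
// whether c1 XOR c2 == p1 XOR p2, i.e. whether the CTR keystream was reused.
func XORLeaks(key, n1, n2, p1, p2 []byte) bool {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for AES (16-byte block)
	c1 := aead.Seal(nil, n1, p1, nil) // ciphertext followed by the 16-byte tag
	c2 := aead.Seal(nil, n2, p2, nil)
	want := xorBytes(p1, p2)
	return bytes.Equal(xorBytes(c1, c2)[:len(want)], want)
}

// CounterNonce builds the 96-bit GCM nonce as a 32-bit sender id followed by a
// 64-bit message counter, so nonces under one key repeat only if the counter does.
func CounterNonce(sender uint32, counter uint64) []byte {
	nonce := make([]byte, 12)
	binary.BigEndian.PutUint32(nonce[:4], sender)
	binary.BigEndian.PutUint64(nonce[4:], counter)
	return nonce
}

func main() { // same counter twice => keystream reuse => prints true
	key := []byte("0123456789abcdef") // constructed demo key, 16 bytes = AES-128
	fmt.Println(XORLeaks(key, CounterNonce(1, 7), CounterNonce(1, 7), []byte("hello one"), []byte("hello two")))
}
```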
