Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 2923 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL encryption best practices

NewImage
Hi
After the Crime/beast attacks and the belief that 1024bit keys might not be secure anymore I decided to recheck my VPN settings.

I increased the key size to 2048 and turned off SSL compression, and switched from a MD5 to SHA1 hash, but that cut my bandwidth in half for clients. I have not played around with the Encryption algorithm yet.

Is VPN traffic susceptible to these attacks? 
Will steps needed to increase the security of the encryption negatively affect bandwidth? 
Is there a setting that balances a decent layer of security with performance?


This thread was automatically locked due to age.
  • 0
    Hi, compression is the only setting that should significantly affect bandwidth utilization. However, slower encryption protocols can add strain to the CPU.

    I don't know how much beast & crime can affect VPNs, but my understanding is that beast is mostly a browser problem.

    Barry
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML