Global acceptance and proposal policies enable certain security protocols and cipher suites by default.

Table 1. Default Global Policies

Default Security Protocols

Default Cipher Suites

  • TLS 1.2

  • TLS 1.1

  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

  • TLS_RSA_WITH_AES_128_CBC_SHA

  • TLS_RSA_WITH_AES_256_CBC_SHA

GCM cipher suites are not enabled by default for performance reasons.