You can configure the security protocols and cipher suites that are accepted by Connection Server. You can define a global acceptance policy that applies to all Connection Server instances in a replicated group, or you can define an acceptance policy for individual Connection Server instances.
You also can configure the security protocols and cipher suites that Connection Server instances propose when connecting to vCenter Server. You can define a global proposal policy that applies to all Connection Server instances in a replicated group. You cannot define individual instances to opt out of a global proposal policy.
Note: The security settings for Connection Server do not apply to Blast Secure Gateway (BSG). You must configure security for BSG separately. See Configuring Security Protocols and Cipher Suites for Blast Secure Gateway.
Oracle's Unlimited Strength Jurisdiction Policy files are included as standard, allowing 256-bit keys by default.