vRealize Network Insight Cloud supports several encryption algorithms and ciphers for data sources. If FIPS compliant mode is enabled, data sources use only cryptographic algorithms that are FIPS-140 compliant.

The following table lists the encryption algorithms and ciphers that are supported for data sources in Supported Products and Versions.

Data sources Encryption Algorithms and Ciphers

Arista switches

Brocade VDX switches

Check Point Firewall

Cisco ASA V Series

Cisco UCS Fabric interconnect

Dell Force 10 S6000, Force 10 MXL 10, PowerConnect 8024, S4048, S4810

HPE 5940, 10500

Juniper switches

Mellanox

Key exchange algorithms:

  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group-exchange-sha256
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521

Ciphers:

  • blowfish-cbc
  • 3des-cbc
  • aes128-cbc
  • aes192-cbc
  • aes256-cbc
  • aes128-ctr
  • aes192-ctr
  • aes256-ctr
  • 3des-ctr
  • arcfour
  • arcfour128
  • arcfour256

MACs:

  • hmac-md5
  • hmac-sha1
  • hmac-md5-96
  • hmac-sha1-96

Brocade MLX

Cisco ASR and ISR

Cisco Catalyst 4500, 6500

Cisco Nexus N5000, N7000, N9000

Dell OS 10

HP Virtual Connect Manager

Huawei Cloud Engine

Key exchange algorithms:

  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1

Ciphers:

  • blowfish-cbc
  • blowfish-ctr
  • 3des-cbc
  • 3des-ctr
  • aes128-cbc
  • aes128-ctr
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr

MACs:

  • hmac-md5
  • hmac-md5-96
  • hmac-sha1
  • hmac-sha1-96

If the FIPS Mode For External Connections option is enabled for data sources listed in Supported Products and Versions, the data sources can use only cryptographic algorithms that are FIPS-140 compliant. See Configuring FIPS compliant mode to learn more.

The following table lists all the encryption algorithms and ciphers that are supported for data sources in FIPS compliant mode:

Data sources Encryption Algorithms and Ciphers

Arista switches

Brocade VDX switches

Check Point Firewall

Cisco ASA V Series

Cisco UCS Fabric interconnect

Dell Force 10 S6000, Force 10 MXL 10, PowerConnect 8024, S4048, S4810

HPE 5940, 10500

Juniper switches

Mellanox

Key exchange algorithms:

  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group-exchange-sha256
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521

Ciphers:

  • 3des-cbc
  • aes128-cbc
  • aes192-cbc
  • aes256-cbc
  • aes128-ctr
  • aes192-ctr
  • aes256-ctr
  • 3des-ctr

MACs:

  • hmac-sha1
  • hmac-sha1-96

Brocade MLX

Cisco ASR and ISR

Cisco Catalyst 4500, 6500

Cisco Nexus N5000, N7000, N9000

Dell OS 10

HP Virtual Connect Manager

Huawei Cloud Engine

Key exchange algorithms:

  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1

Ciphers:

  • 3des-cbc
  • 3des-ctr
  • aes128-cbc
  • aes128-ctr
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr

MACs:

  • hmac-sha1
  • hmac-sha1-96