realtimer
asked on
Exchange 2016 - what encryption ciphers does it use by default?
Hello,
As part of an audit, I need to furnish the encryptions ciphers used by our mail server, which in our case is
an Exchange 2016 CU 17 server.
Specifically, here's the question:
If TLS is being used, are cryptographically strong key exchange and message encryption ciphers being used?
<The preference order of key exchange and encryption ciphers is:
1.Key exchange: Elliptic Curve Diffie–Hellman (ECDH), Encryption: AES in Galois Counter Mode (AESGCM)
2.Key Exchange: Diffie–Hellman (DH), Encryption: AES in Galois Counter Mode (AESGCM)
3.Key Exchange: Elliptic curve Diffie–Hellman (ECDH), Encryption: AES-256 (AES256)
4.Key Exchange: Diffie–Hellman (DH), Encryption: AES-256 (AES256)
5.Key Exchange: Elliptic Curve Diffie–Hellman (ECDH), Encryption: AES-128 (AES128)
6.Key Exchange: Diffie–Hellman (DH), Encryption: 128 or 256 bit AES (AES)
7.Key Exchange: RSA, Encryption: AES in Galois/Counter Mode (AESGCM)
No other key-exchange and encryption ciphers are allowed>
I'm not quite sure how to check and see what it uses. Can you offer any suggestions?
Thanks in advance.
Regards,
Real-Timer
As part of an audit, I need to furnish the encryptions ciphers used by our mail server, which in our case is
an Exchange 2016 CU 17 server.
Specifically, here's the question:
If TLS is being used, are cryptographically strong key exchange and message encryption ciphers being used?
<The preference order of key exchange and encryption ciphers is:
1.Key exchange: Elliptic Curve Diffie–Hellman (ECDH), Encryption: AES in Galois Counter Mode (AESGCM)
2.Key Exchange: Diffie–Hellman (DH), Encryption: AES in Galois Counter Mode (AESGCM)
3.Key Exchange: Elliptic curve Diffie–Hellman (ECDH), Encryption: AES-256 (AES256)
4.Key Exchange: Diffie–Hellman (DH), Encryption: AES-256 (AES256)
5.Key Exchange: Elliptic Curve Diffie–Hellman (ECDH), Encryption: AES-128 (AES128)
6.Key Exchange: Diffie–Hellman (DH), Encryption: 128 or 256 bit AES (AES)
7.Key Exchange: RSA, Encryption: AES in Galois/Counter Mode (AESGCM)
No other key-exchange and encryption ciphers are allowed>
I'm not quite sure how to check and see what it uses. Can you offer any suggestions?
Thanks in advance.
Regards,
Real-Timer
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
For author to further advice any more comment.
ASKER
Thanks for the assistance. Sorry for the late case closure.