Ensure ‘SSL AES 256 encryption’ is set for HTTPS access

Details

Sets the SSL encryption algorithm to AES 256.

Rationale:

Because the network may be prone to sniffing, HTTP access to the security appliance must be secured with the SSL or TLS protocol, and a secure encryption algorithm must be used.

Solution

For version 8.x, run the following command to enable the AES 256 algorithm:

hostname(config)# ssl encryption aes256-sha1

For version 9.x, run the following command to enable the AES 256 algorithm:

hostname(config)# ssl cipher tlsv1 custom AES256-SHA
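
An audit check for the two commands above, run against a saved copy of the running configuration. This is an added example, not part of the CIS benchmark or Cisco tooling; the function name, the sample excerpts, and the assumptions that the running configuration echoes the commands as entered (with the 9.x cipher string optionally quoted) and that a missing line means device defaults are in effect are all illustrative assumptions.

```python
import re

# Constructed running-config excerpts (not captured from a real device).
SAMPLE_8X_OK = "hostname fw1\nssl encryption aes256-sha1\n"
SAMPLE_8X_WEAK = "ssl encryption aes256-sha1 3des-sha1 rc4-md5\n"
SAMPLE_9X_OK = 'ssl cipher tlsv1 custom "AES256-SHA"\n'
SAMPLE_NONE = "hostname fw1\nhttp server enable\n"


def audit_ssl_aes256(config_text):
    """Return (compliant, reason) for the AES 256 HTTPS control.

    Hypothetical helper. Compliant only when the 8.x 'ssl encryption' line
    or the 9.x 'ssl cipher tlsv1 custom' line lists AES 256 and nothing else.
    """
    findings = []  # one (compliant, line) tuple per matching config line
    for raw in config_text.splitlines():
        line = raw.strip()
        # 8.x form: one or more space-separated algorithms on a single line.
        m = re.fullmatch(r"ssl encryption\s+(.+)", line)
        if m:
            findings.append((m.group(1).split() == ["aes256-sha1"], line))
            continue
        # 9.x form: colon-separated cipher string, quoted or unquoted.
        m = re.fullmatch(r'ssl cipher tlsv1 custom\s+"?([^"\s]+)"?', line)
        if m:
            findings.append((m.group(1).split(":") == ["AES256-SHA"], line))
    if not findings:
        # Assumption: with no explicit line, the device defaults apply.
        return False, "no explicit AES 256 setting found; defaults apply"
    bad = [line for ok, line in findings if not ok]
    if bad:
        return False, "additional or different algorithms: " + "; ".join(bad)
    return True, "only AES 256 configured: " + findings[0][1]


if __name__ == "__main__":
    samples = [
        ("8.x ok", SAMPLE_8X_OK),
        ("8.x weak", SAMPLE_8X_WEAK),
        ("9.x ok", SAMPLE_9X_OK),
        ("missing", SAMPLE_NONE),
    ]
    for name, cfg in samples:
        print(name, audit_ssl_aes256(cfg))
```
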

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection. This control applies to the following type of system: Cisco.

Updated on July 16, 2022