AES_GCM on ATP-Series
Freshman Member
Dear Zyxel-Team,
in the near Future a Phone-Provider we have an VPN Connection to, tolds me in December, that we urgently should update our Connection from AES_CBC to AES_GCM.
We use a ATP700 with the latest Update installed (5.41). Is there a Chance, that Zyxel provides GCM in an further Update ?
Thx
Gordon
Accepted Solution
-
Hi @Tunox
After checking with our product team, the ATP series, also USG FLEX series, won't implement AES_GCM.
If you have this requirement, we recommend migrating to USG FLEX H series.
Zyxel Melen0
Zyxel Employee
All Replies
-
Hi @Tunox
After checking with our product team, the ATP series, also USG FLEX series, won't implement AES_GCM.
If you have this requirement, we recommend migrating to USG FLEX H series.
Zyxel Melen0 -
Is available the technical reason why AES-GCM won't be implemented, as cypher, on Flex series?
0 -
Hi @mMontana
For ZLD (USG FLEX/ATP), we are not able to add AES-GCM-256 support, due to the fact that the underlying VPN turnkey does NOT support the algorithm and migrating to a newer version turnkey is not an option on this platform.
Zyxel Melen0 -
…because the updated version of turnkey is available on newer devices, Flex H.
I hope there won't be from third parties (like PCI-DSS) a "ban" for device having only AES_CBC as available protocol.
Could hit some nerve at budget levels…0
Guru Member
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 219 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.5K Security
- 588 USG FLEX H Series
- 344 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 52 Wireless Ideas
- 7K Consumer Product
- 298 Service & License
- 477 News and Release
- 91 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 87 About Community
- 102 Security Highlight
