That's a fine question. All the Cisco gear I have seen only supports 3DES in the "strong" cipher range. Personally 3DES is my favourite strong cipher anyway - and it flies in hardware. It just sucks badly on "normal" processors. Note that the large list of ciphers in RFC 2451 is all very nice, but the only "madatory to implement" one is simple DES. Given the AES, though, I would imagine that it would be marketing suicide for them not to support that, at least. Whether you trust AES more than 3DES is a different question. It's faster in software though. ;) Cheers, -- Ben Nagy Network Consultant, Volante Solutions PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520 > -----Original Message----- > From: Jason Axley [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, 31 October 2000 7:22 AM > To: iCefoX > Cc: [EMAIL PROTECTED]; Firewall list (E-mail) > Subject: Re: vpn > > > Anyone know which ones have the best cipher support? The > Nortel products > only support DES or 3DES. Do the Cisco products actually support more > than that? There are faster strong ciphers than 3DES. Just curious. > > -Jason - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
