[BASE] Communication Settings

Audit Log User Guide for VSP 5000 Series

Version
90-08-8x
Audience
anonymous
Part Number
MK-98RD9010-12

Example

09XX,20YY/MM/DD,HH:MM:SS.xxx,00:00, RMI AP,uid=user-name,,
[BASE],Communication Settings,,Normal end,
from=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx,,Seq.=xxxxxxxxxx
+[{Change TLS Version Setting TLS1.2=true, TLS1.3=true},
{Change CipherSuites Setting TLS1.2
TLS_RSA_WITH_AES_256_CBC_SHA256=true,
TLS_RSA_WITH_AES_256_GCM_SHA384=false},
{Change CipherSuites Setting TLS1.3 TLS_AES_128_GCM_SHA256=false},
{Change Minimum KeyExchange Key Length RSA=2048 bits, DHE=2048 bits,
ECDHE=256 bits(secp256r1)},
{Change Renegotiation Setting Renegotiation=false}]

Detailed Information

Item

Description

Change TLS Version Setting

Indicates whether the protocol (TLS1.2 or TLS1.3) is enabled. This item is not output when the setting has not been changed.

true: Enabled, false: Disabled

Change CipherSuites Setting TLS1.2

Indicates whether each of the following TLS 1.2 cipher suites is enabled. This item is not output when the setting has not been changed.

  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

Either of the following statuses is output.

true: Enabled, false: Disabled

Change CipherSuites Setting TLS1.3

Indicates whether each of the following TLS 1.3 cipher suites is enabled. This item is not output when the setting has not been changed.

  • TLS_AES_128_GCM_SHA256
  • TLS_AES_256_GCM_SHA384

Either of the following statuses is output.

true: Enabled, false: Disabled

Change Minimum KeyExchange Key Length

The set value of the minimum key length allowed for each of the following key exchange algorithms that are used during communication. This item is not output when the setting has not been changed.

  • RSA
    • 2048 bit
    • 3072 bit
    • 4096 bit
  • DHE
    • 2048 bit
  • ECDHE
    • 256 bit (secp256r1)
    • 384 bit (secp384r1)
    • 521 bit (secp521r1)

Change Renegotiation Setting

Indicates whether renegotiation is enabled.

This item is output only when TLS 1.2 is enabled. This item is not output when the setting has not been changed.

Renegotiation=true: Enabled, Renegotiation=false: Disabled