Supported encryption methods for VPNs
Select encryption settings in your VPN according to the guidelines in your organization's security policy.
The message digest algorithms (for integrity checking) and encryption methods that are available in VPNs are listed. The IPsec standards mandate support for some options, but also allow other options to be provided by IPsec-compatible products. RFC 8221 lists the IPsec standard requirements that all IPsec-compliant products must follow.
Estimates of how common support for the various algorithms is in IPsec-compatible products are listed. This information can be helpful when deciding which methods to use when establishing a VPN with a third-party VPN device.
If your organization is required to follow FIPS encryption standards, some of the options presented are not available in your system. See the Common Criteria Certification User’s Guide for more information.