All versions of the Cato Socket and Cato SDP Clients use DTLS on UDP/443 to connect to Cato PoPs.
DTLS v1.2 is utilized for the underlay tunnel.
AES128 is the default cipher suite used by the Socket and Clients for PoP connections, if AES128 isn't available, then AES256 is used. These are the details:
Cato Socket
-
PSK-AES128-GCM-SHA256 (default cipher suite)
-
PSK-AES256-GCM-SHA384
Cato SDP Client
-
ECDHE-RSA-AES128-GCM-SHA256 (default cipher suite)
-
ECDHE-RSA-AES256-GCM-SHA384
- RSA_PSS_RSAE_SHA256
- RSA_PSS_RSAE_SHA384
- RSA_PSS_RSAE_SHA512
2 comments
Hi Team, what version of DTLS is using CATO now?
Sebastian,
Cato supports these TLS versions: 1.0, 1.1, 1.2, and 1.3.
Thanks for your comment,
Yaakov
Please sign in to leave a comment.