Saturday, November 6, 2021

Palo Alto firewall - Best Practices for IPSec Encryption


As a best practice, select ESP (Encapsulating Security Payload) over AH (Authentication Header) because ESP offers both confidentiality and authentication for the connection whereas AH offers only authentication.

As a best practice, choose the strongest authentication and encryption algorithms the peer can support.

▶ For the authentication algorithm, use SHA-256 or higher (SHA-384 or higher preferred for long-lived transactions). Do not use SHA-1 or MD5.

▶ For the encryption algorithm, use AES; DES and 3DES are weak and vulnerable. AES with Galois/Counter Mode (AES-GCM) provides the strongest security and has built-in authentication, so you must set Authentication to none if you select aes-256-gcm or aes-128-gcm encryption.

* Source: Define IPSec Crypto Profiles (PAN)


If you are using encryption or authentication algorithms with a 128-bit key, use Diffie-Hellman group 19 or 20. If you are using encryption or authentication algorithms with a 256-bit key or higher, use Diffie-Hellman group 21. RFC 5114 Section 4 states that the strength of DH group 24 is about equal to that of a 2048-bit modular key, which is not strong enough to protect 128-bit or 256-bit AES, so I also mark that group as AVOID.

* Source: Diffie-Hellman Group Use in IKE


In Palo Alto IKE Crypto Profiles, the hash is selected automatically based on the DH group chosen: DH group 19 and below use sha256; DH group 20 uses sha384.

Please see the details at Define IKE Crypto Profiles (PAN).


※ Palo Alto configuration options:
Encryption—aes-256-gcm, aes-256-cbc, aes-192-cbc, aes-128-gcm, aes-128-ccm (the VM-Series firewall doesn’t support this option), aes-128-cbc, 3des, des.
Authentication—sha512, sha384, sha256, sha1, md5.
DH Group: group1, group2, group5, group14, group19, or group20.
(For highest security, choose the group with the highest number.)
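The rules above (ESP over AH, no DES/3DES, no SHA-1/MD5, authentication set to none with AES-GCM, DH group matched to the key size, and the IKE hash that follows from the DH group) can be turned into a small audit script. The following is an added example, not PAN-OS or Palo Alto code: the option strings (aes-256-gcm, sha256, group20, ...) are the ones listed on this page, the profile dictionaries are constructed sample input rather than an export from a real firewall, and the `protocol`/`dh_group` field names are assumptions for this script.

```python
"""Audit IPSec/IKE crypto profile settings against the best practices on this page.

Added example (not Palo Alto code). The option names are the PAN-OS strings
quoted on the page; the sample profiles at the bottom are constructed input.
"""
from __future__ import annotations

import re
from typing import Optional

# Options the page says to avoid.
WEAK_ENCRYPTION = {"des", "3des"}
WEAK_AUTH = {"md5", "sha1"}
# AES-GCM carries its own authentication, so the Authentication field must be none.
AEAD_ENCRYPTION = {"aes-128-gcm", "aes-256-gcm"}


def aes_key_bits(encryption: str) -> Optional[int]:
    """Return the AES key length encoded in an option name such as 'aes-256-cbc' (None for DES/3DES)."""
    m = re.fullmatch(r"aes-(\d+)-(cbc|gcm|ccm)", encryption)
    return int(m.group(1)) if m else None


def recommended_dh_groups(encryption: str) -> set[str]:
    """DH groups the page recommends for the key size: 19/20 for 128-bit keys, 21 for 256-bit and up."""
    bits = aes_key_bits(encryption)
    if bits is None:
        return set()  # DES/3DES: the cipher itself is the finding
    if bits >= 256:
        return {"group21"}
    return {"group19", "group20"}


def audit_ipsec_profile(profile: dict) -> list[str]:
    """Return a list of findings; an empty list means the profile follows the page's guidance."""
    findings = []
    enc = profile.get("encryption", "")
    auth = profile.get("authentication", "")
    dh = profile.get("dh_group", "")

    # ESP gives confidentiality and authentication; AH gives authentication only.
    if profile.get("protocol", "esp") != "esp":
        findings.append("protocol: use ESP (confidentiality + authentication) instead of AH")

    if enc in WEAK_ENCRYPTION:
        findings.append(f"encryption: {enc} is weak; use AES (aes-256-gcm preferred)")

    if enc in AEAD_ENCRYPTION:
        if auth != "none":
            findings.append(f"authentication: {enc} has built-in authentication; set it to none")
    else:
        if auth in WEAK_AUTH:
            findings.append(f"authentication: {auth} is deprecated; use sha256 or higher")
        elif auth == "none":
            findings.append("authentication: none is only valid together with AES-GCM")

    wanted = recommended_dh_groups(enc)
    if wanted and dh not in wanted:
        findings.append(f"dh_group: {dh} does not match the key size; use {' or '.join(sorted(wanted))}")
    return findings


def ike_hash_for_dh_group(dh_group: str) -> str:
    """Hash PAN-OS selects automatically for an IKE crypto profile, per the page:
    group 19 and below -> sha256, group 20 -> sha384."""
    if not dh_group.startswith("group"):
        raise ValueError(f"unexpected DH group name: {dh_group}")
    number = int(dh_group[len("group"):])
    if number == 20:
        return "sha384"
    if number <= 19:
        return "sha256"
    raise ValueError(f"page does not state the automatic hash for {dh_group}")


# Constructed sample profiles (not taken from a real device).
SAMPLE_PROFILES = {
    "legacy-vpn": {"protocol": "esp", "encryption": "3des", "authentication": "sha1", "dh_group": "group2"},
    "gcm-misconfigured": {"protocol": "esp", "encryption": "aes-256-gcm", "authentication": "sha256", "dh_group": "group20"},
    "recommended-128": {"protocol": "esp", "encryption": "aes-128-gcm", "authentication": "none", "dh_group": "group20"},
}

if __name__ == "__main__":
    for name, profile in SAMPLE_PROFILES.items():
        findings = audit_ipsec_profile(profile)
        print(f"{name}: {'OK' if not findings else 'REVIEW'}")
        for finding in findings:
            print("  -", finding)
```

Running it flags the legacy profile for both 3DES and SHA-1, flags the GCM profile for a redundant authentication setting and for using group20 with a 256-bit key, and passes the 128-bit GCM profile with group20. Because the audit keys off the option strings rather than a device API, the same checks can be run over profiles pulled from a configuration export before a change window.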


* Reference URLs:
Diffie Hellman Groups (Cisco Community)

