The Brocade Virtual Traffic Manager 10.4 (Brocade vTM) offers support for ECDSA ciphers, providing significant performance and throughput advantages over earlier versions. In addition, this version also includes support for self-registration when used with Brocade Services Director, which simplifies the creation and upgrade of large-scale ADC deployments.
Highlights in this release include:
Support for ECDSA ciphers - Elliptic Curve Digital Signature Algorithm (ECDSA) ciphers provide an alternative to the popular RSA methods to create, share and verify signatures using Elliptic Curve (ECC) key pairs. These can be used with both TLS and DNS transactions to provide enhanced performance for key exchange and authentication. In addition the cipher selection can be set for specific virtual servers, by restricting them to the more secure cipher suites, while still allowing other virtual servers to use a broader range of cipher suites for compatibility with older browsers.
Certificate Agility - Brocade vTM can now support alternate certificates, which makes it easier to take advantage of improved SSL offloading performance offered by ECDSA certificates, while maintaining interoperability with RSA-only client devices. To support this, Virtual Servers using SSL/TLS decryption (ssl_decrypt) can be configured with up to two X.509 certificate chains, and each additional SSL Site for a Server Name Indication (SNI) name or destination IP address can also be configured with up to two X.509 certificate chains. The end-entity certificates making up each pair should have different types of key (for example, RSA and ECDSA).
SSL v2 deprecated - From this version, Brocade vTM 10.4, SSL v2 will be available to applications, but will be deprecated: future releases of Brocade vTM will not include SSL v2 as an option. SSL v2 will be supported within the 10.4 LTS (Long Term Support) program for customers that need to continue to use SSL v2. For more information about how Brocade vTM negotiates the most secure protocols for each session, see the community article Configuring SSL/TLS protocols with Brocade Virtual Traffic Manager.
Long-Term Support release - For customers who prefer longer support cycles to support their operational model, Brocade is identifying Brocade vTM 10.4 as an LTS (Long Term Support) release. This means that support for Brocade vTM 10.4 will be available for three years after the release date.
For more information:
For more information, please refer to the release notes, available on the download site. A complete set of user documentation is also available on Brocade.com, including getting started guides, installation, configuration and API reference documentation.