Support for Intel Coleto SSL chip based platforms
The following appliances ship with Intel Coleto chips:
- MPX 5901/5905/5910
- MPX 8905/8910/8920/8930
- MPX/SDX 26100-100G/26160-100G/26200-100G
- MPX/SDX 15020-50G/15030-50G/15040-50G/15060-50G/15080-50G/15100-50G
Use the ‘show hardware’ command to identify whether your appliance has Coleto (COL) chips.
> sh hardware Platform: NSMPX-8900 8*CPU+4*F1X+6*E1K+1*E1K+1*COL 8955 30010 Manufactured on: 10/18/2016 CPU: 2100MHZ Host Id: 0 Serial no: CRAC5CR8UA Encoded serial no: CRAC5CR8UA Done
Note: Secure renegotiation is supported on the back end for these platforms.
- DH 512 cipher is not supported.
- SSLv3 protocol is not supported.
- GnuTLS is not supported.
- ECDSA certificates with ECC curves P_224 and P521 are not supported (Not supported on platforms with Cavium chips also.)
- DNSSEC offload is not supported. (DNSSEC is supported in software but offload to hardware is not supported.)