Blue Coat customers using the SSL Visibility Appliance product may notice that some SSL sessions to Google servers are being cut through with the session log indicating that the session is using an unknown cipher suite.
This behavior is correct and does not result in any impact on the user. It simply means that the session is not being decrypted by the SSL Visibility Appliance, so the attached security tools will not see the decrypted data.
Blue Coat has supported inspecting traffic using the ChaCha20-Poly1305 cipher suites for over two years, since they were introduced by Google, and continues to provide the ability to decrypt this traffic. Recently, however, Google has defined a new set of ChaCha cipher suites as part of the process of standardizing ChaCha within the IETF. The latest versions of Chrome support the new versions of ChaCha, so sessions to Google servers will use the newer ChaCha versions, which the SSL Visibility Appliance does not currently support. As a result, the session will cut through as an unknown cipher suite. Google still supports the original versions of ChaCha, so older versions of Chrome will use the earlier versions, and this traffic can be decrypted by the SSL Visibility Appliance.
Update: release 220.127.116.11 addressed the issue detailed here and is available on the BTO as of June 6, 2016.
Blue Coat will be releasing a maintenance release of software for the SSL Visibility Appliance in the near future that adds support for the newer ChaCha versions so that customers will be able to decrypt traffic using the newer ChaCha cipher suites as well as the original versions.
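To check which ChaCha variant a captured session negotiated, the following added example (not Blue Coat code) reads the selected cipher suite from a TLS ServerHello record and labels it as an original or a standardized ChaCha suite. The code points come from draft-agl-tls-chacha20poly1305 and RFC 7905 rather than from this article, and the ServerHello bytes are constructed sample input.

```python
import struct

# Code points from draft-agl-tls-chacha20poly1305 (original Google suites)
# and RFC 7905 (IETF-standardized suites); they are not listed in the article.
ORIGINAL_CHACHA = {0xCC13: "ECDHE_RSA", 0xCC14: "ECDHE_ECDSA", 0xCC15: "DHE_RSA"}
STANDARD_CHACHA = {0xCCA8: "ECDHE_RSA", 0xCCA9: "ECDHE_ECDSA", 0xCCAA: "DHE_RSA",
                   0xCCAB: "PSK", 0xCCAC: "ECDHE_PSK", 0xCCAD: "DHE_PSK",
                   0xCCAE: "RSA_PSK"}


def selected_cipher_suite(record: bytes) -> int:
    """Return the cipher suite ID the server chose in a TLS ServerHello record."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    (rec_len,) = struct.unpack("!H", record[3:5])
    body = record[5:5 + rec_len]
    if len(body) != rec_len or rec_len < 4 or body[0] != 0x02:
        raise ValueError("truncated record or first message is not a ServerHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    # ServerHello: version(2) + random(32) + session_id_len(1) + session_id
    if len(hello) < 35:
        raise ValueError("ServerHello too short")
    offset = 35 + hello[34]
    if len(hello) < offset + 2:
        raise ValueError("ServerHello ends before cipher suite")
    return int.from_bytes(hello[offset:offset + 2], "big")


def classify(suite: int) -> str:
    """Label a suite as original ChaCha, standardized ChaCha, or other."""
    if suite in ORIGINAL_CHACHA:
        return f"original ChaCha ({ORIGINAL_CHACHA[suite]})"
    if suite in STANDARD_CHACHA:
        return f"RFC 7905 ChaCha ({STANDARD_CHACHA[suite]})"
    return "not ChaCha"


def build_server_hello(suite: int, session_id: bytes = b"") -> bytes:
    """Constructed sample input: a minimal TLS 1.2 ServerHello record."""
    hello = (b"\x03\x03" + bytes(32) + bytes([len(session_id)]) + session_id
             + suite.to_bytes(2, "big") + b"\x00")
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


if __name__ == "__main__":
    for suite in (0xCC13, 0xCCA8, 0xC02F):
        record = build_server_hello(suite, session_id=bytes(32))
        print(hex(suite), "->", classify(selected_cipher_suite(record)))
```

Sessions labeled "RFC 7905 ChaCha" are the ones the article describes as cut through on software that predates the fix.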
Imported Document ID: 000031045