Security levels and supported security ciphers
You can use connections based on the Transport Layer Security (TLS), which is the successor of the Secure Sockets Layer (SSL) protocol, to ensure safer communications.
Version
This information about security settings applies to the current release only.
SSL certificates
The system uses a certificate to authenticate SSL connections. For more information about managing certificates, see Creating and managing certificate authority store by using CLI.
TLS or SSL connections and security levels
The system uses TLS or SSL connections to control access to interfaces such as the management GUI, the service assistant GUI, the key server, and RESTful API. TLS or SSL connections use security ciphers to help control access.
You can use security ciphers that are supported by different levels of TLS or SSL. Each level supports ciphers that provide differing strengths of encryption. You can set the security level to 5, 6, or 7 to be compliant with the NIST 800-52 standard. Security level 7 allows only the cipher suite TLS_AES_256_GCM_SHA384, which the NIST recommends for Federal Information Processing Standards (FIPS) mode.
SSL protocol levels 2 to 4 do not support the TLS 1.3 protocol and the cipher suites that are approved by the NIST 800-52 standard. Currently, the TLS or SSL security level 7 is the maximum level that is supported and TLS or SSL security level 2 is the lowest security level supported.
SSL protocols and ciphers supported at each security level
Protocol level | Is it supported? |
---|---|
TLS 1.3 | Yes |
TLS 1.2 | No |
TLS 1.1 | No |
TLS 1.0 | No |
SSL 3 and earlier | No |
Java SSL ciphers |
---|
TLS_AES_256_GCM_SHA384 |
Cipher | Bulk encryption algorithm | Hashing algorithm |
---|---|---|
AES-256-GCM-SHA384 | AES-256-GCM | SHA384 |
Protocol level | Is it supported? |
---|---|
TLS 1.3 | Yes |
TLS 1.2 | No |
TLS 1.1 | No |
TLS 1.0 | No |
SSL 3 and earlier | No |
Java SSL ciphers |
---|
TLS_AES_256_GCM_SHA384 |
TLS_CHACHA20_POLY1305_SHA256 |
TLS_AES_128_GCM_SHA256 |
TLS_AES_128_CCM_8_SHA256 |
TLS_AES_128_CCM_SHA256 |
Cipher | Bulk encryption algorithm | Hashing algorithm |
---|---|---|
AES-256-GCM-SHA384 | AES-256-GCM | SHA384 |
CHACHA20-POLY1305-SHA256 | CHACHA20-POLY1305 | SHA256 |
AES-128-GCM-SHA256 | AES-128-GCM | SHA256 |
AES-128-CCM-8-SHA256 | AES-128-CCM-8 | SHA256 |
AES-128-CCM-SHA256 | AES-128-CCM | SHA256 |
Protocol level | Is it supported? |
---|---|
TLS 1.3 | Yes |
TLS 1.2 | Yes |
TLS 1.1 | No |
TLS 1.0 | No |
SSL 3 and earlier | No |
Java SSL ciphers |
---|
For TLS 1.3 |
TLS_AES_256_GCM_SHA384 |
TLS_CHACHA20_POLY1305_SHA256 |
TLS_AES_128_GCM_SHA256 |
TLS_AES_128_CCM_8_SHA256 |
TLS_AES_128_CCM_SHA256 |
For TLS 1.2
The security level 5 supports all the Java SSL ciphers that are supported at the security level 3. A few more TLS 1.2 specific Java SSL ciphers that are supported at level 5 are:
|
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
TLS_RSA_WITH_AES_256_GCM_SHA384 |
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 |
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 |
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 |
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
TLS_RSA_WITH_AES_128_GCM_SHA256 |
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 |
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 |
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 |
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 |
Cipher | Bulk encryption algorithm | Hashing algorithm |
---|---|---|
AES-256-GCM-SHA384 | AES-256-GCM | SHA384 |
CHACHA20-POLY1305-SHA256 | CHACHA20-POLY1305 | SHA256 |
AES-128-GCM-SHA256 | AES-128-GCM | SHA256 |
AES-128-CCM-8-SHA256 | AES-128-CCM-8 | SHA256 |
AES-128-CCM-SHA256 | AES-128-CCM | SHA256 |
Cipher | Kx | Au | Enc | Mac |
---|---|---|---|---|
ECDHE-RSA-AES256-GCM-SHA384 | ECDH | RSA | AESGCM(256) | AEAD |
ECDHE-ECDSA-AES256-GCM-SHA384 | ECDH | ECDSA | AESGCM(256) | AEAD |
ECDHE-RSA-AES256-SHA384 | ECDH | RSA | AES(256) | SHA384 |
ECDHE-ECDSA-AES256-SHA384 | ECDH | ECDSA | AES(256) | SHA384 |
DHE-RSA-AES256-GCM-SHA384 | DH | RSA | AESGCM(256) | AEAD |
DHE-RSA-AES256-SHA256 | DH | RSA | AES(256) | SHA256 |
AES256-GCM-SHA384 | RSA | RSA | AESGCM(256) | AEAD |
AES256-SHA256 | RSA | RSA | AES(256) | SHA256 |
ECDHE-RSA-AES128-GCM-SHA256 | ECDH | RSA | AESGCM(128) | AEAD |
ECDHE-ECDSA-AES128-GCM-SHA256 | ECDH | ECDSA | AESGCM(128) | AEAD |
ECDHE-RSA-AES128-SHA256 | ECDH | RSA | AES(128) | SHA256 |
ECDHE-ECDSA-AES128-SHA256 | ECDH | ECDSA | AES(128) | SHA256 |
DHE-RSA-AES128-GCM-SHA256 | DH | RSA | AESGCM(128) | AEAD |
DHE-RSA-AES128-SHA256 | DH | RSA | AES(128) | SHA256 |
AES128-GCM-SHA256 | RSA | RSA | AESGCM(128) | AEAD |
AES128-SHA256 | RSA | RSA | AES(128) | SHA256 |
Protocol level | Is it supported? |
---|---|
TLS 1.2 | Yes |
TLS 1.1 | No |
TLS 1.0 | No |
SSL 3 and earlier | No |
Java SSL ciphers |
---|
SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
SSL_DHE_DSS_WITH_AES_256_GCM_SHA384 |
SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 |
Cipher | Kx | Au | Enc | Mac |
---|---|---|---|---|
ECDHE-ECDSA-AES256-GCM-SHA384 | ECDH | ECDSA | AESGCM(256) | AEAD |
DHE-DSS-AES256-GCM-SHA384 | DH | DSS | AESGCM(256) | AEAD |
ECDHE-ECDSA-AES128-GCM-SHA256 | ECDH | ECDSA | AESGCM(128) | AEAD |
DHE-DSS-AES128-GCM-SHA256 | DH | DSS | AESGCM(128) | AEAD |
Protocol level | Is it supported? |
---|---|
TLS 1.2 | Yes |
TLS 1.1 | No |
TLS 1.0 | No |
SSL 3 and earlier | No |
Java SSL ciphers |
---|
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
SSL_RSA_WITH_AES_256_CBC_SHA256 |
SSL_RSA_WITH_AES_256_GCM_SHA384 |
SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 |
SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384 |
SSL_DHE_RSA_WITH_AES_256_CBC_SHA256 |
SSL_DHE_RSA_WITH_AES_256_CBC_SHA256 |
SSL_DHE_RSA_WITH_AES_256_GCM_SHA384 |
SSL_DHE_DSS_WITH_AES_256_CBC_SHA256 |
SSL_DHE_DSS_WITH_AES_256_GCM_SHA384 |
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA |
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA |
SSL_RSA_WITH_AES_256_CBC_SHA |
SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA |
SSL_ECDH_RSA_WITH_AES_256_CBC_SHA |
SSL_DHE_RSA_WITH_AES_256_CBC_SHA |
SSL_DHE_DSS_WITH_AES_256_CBC_SHA |
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
SSL_RSA_WITH_AES_128_CBC_SHA256 |
SSL_RSA_WITH_AES_128_GCM_SHA256 |
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 |
SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 |
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 |
SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256 |
SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 |
SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 |
SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 |
SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 |
Cipher | Kx | Au | Enc | Mac |
---|---|---|---|---|
ECDHE-RSA-AES256-GCM-SHA384 | ECDH | RSA | AESGCM(256) | AEAD |
ECDHE-ECDSA-AES256-GCM-SHA384 | ECDH | ECDSA | AESGCM(256) | AEAD |
ECDHE-RSA-AES256-SHA384 | ECDH | RSA | AES(256) | SHA384 |
ECDHE-ECDSA-AES256-SHA384 | ECDH | ECDSA | AES(256) | SHA384 |
DHE-DSS-AES256-GCM-SHA384 | DH | DSS | AESGCM(256) | AEAD |
DHE-RSA-AES256-GCM-SHA384 | DH | RSA | AESGCM(256) | AEAD |
DHE-RSA-AES256-SHA256 | DH | RSA | AES(256) | SHA256 |
ECDH-RSA-AES256-GCM-SHA384 E | ECDH/RSA | ECDH | AESGCM(256) | AEAD |
ECDH-ECDSA-AES256-GCM-SHA384 | ECDH/ECDSA | ECDH | AESGCM(256) | AEAD |
ECDH-RSA-AES256-SHA384 | ECDH/RSA | ECDH | AES(256) | SHA384 |
ECDH-ECDSA-AES256-SHA384 | ECDH/ECDSA | ECDH | AES(256) | SHA384 |
AES256-GCM-SHA384 | RSA | RSA | AESGCM(256) | AEAD |
AES256-SHA256 | RSA | RSA | AES(256) | SHA256 |
ECDHE-RSA-AES128-GCM-SHA256 | ECDH | RSA | AESGCM(128) | AEAD |
ECDHE-ECDSA-AES128-GCM-SHA256 | ECDH | ECDSA | AESGCM(128) | AEAD |
ECDHE-RSA-AES128-SHA256 | ECDH | RSA | AES(128) | SHA256 |
ECDHE-ECDSA-AES128-SHA256 | ECDH | ECDSA | AES(128) | SHA256 |
DHE-DSS-AES128-GCM-SHA256 | DH | DSS | AESGCM(128) | AEAD |
DHE-RSA-AES128-GCM-SHA256 | DH | RSA | AESGCM(128) | AEAD |
DHE-RSA-AES128-SHA256 | DH | RSA | AES(128) | SHA256 |
DHE-DSS-AES128-SHA256 | DH | DSS | AES(128) | SHA256 |
ECDH-RSA-AES128-GCM-SHA256 | ECDH/RSA | ECDH | AESGCM(128) | AEAD |
ECDH-ECDSA-AES128-GCM-SHA256 | ECDH/ECDSA | ECDH | AESGCM(128) | AEAD |
ECDH-RSA-AES128-SHA256 | ECDH/RSA | ECDH | AES(128) | SHA256 |
ECDH-ECDSA-AES128-SHA256 | ECDH/ECDSA | ECDH | AES(128) | SHA256 |
AES128-GCM-SHA256 | RSA | RSA | AESGCM(128) | AEAD |
AES128-SHA256 | RSA | RSA | AES(128) | SHA256 |
Protocol level | Is it supported? |
---|---|
TLS 1.2 | Yes |
TLS 1.1 | No |
TLS 1.0 | No |
SSL 3 and earlier | No |
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
SSL_RSA_WITH_AES_256_CBC_SHA256 |
SSL_RSA_WITH_AES_256_GCM_SHA384 |
SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 |
SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384 |
SSL_DHE_RSA_WITH_AES_256_CBC_SHA256 |
SSL_DHE_RSA_WITH_AES_256_CBC_SHA256 |
SSL_DHE_RSA_WITH_AES_256_GCM_SHA384 |
SSL_DHE_DSS_WITH_AES_256_CBC_SHA256 |
SSL_DHE_DSS_WITH_AES_256_GCM_SHA384 |
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA |
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA |
SSL_RSA_WITH_AES_256_CBC_SHA |
SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA |
SSL_ECDH_RSA_WITH_AES_256_CBC_SHA |
SSL_DHE_RSA_WITH_AES_256_CBC_SHA |
SSL_DHE_DSS_WITH_AES_256_CBC_SHA |
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
SSL_RSA_WITH_AES_128_CBC_SHA256 |
SSL_RSA_WITH_AES_128_GCM_SHA256 |
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 |
SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 |
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 |
SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256 |
SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 |
SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 |
SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 |
SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 |
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA |
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA |
SSL_RSA_WITH_AES_128_CBC_SHA |
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA |
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA |
SSL_DHE_RSA_WITH_AES_128_CBC_SHA |
SSL_DHE_DSS_WITH_AES_128_CBC_SHA |
Cipher | Kx | Au | Enc | Mac |
---|---|---|---|---|
ECDHE-RSA-AES256-GCM-SHA384 | ECDH | RSA | AESGCM(256) | AEAD |
ECDHE-ECDSA-AES256-GCM-SHA384 | ECDH | ECDSA | AESGCM(256) | AEAD |
ECDHE-RSA-AES256-SHA384 | ECDH | RSA | AES(256) | SHA384 |
ECDHE-ECDSA-AES256-SHA384 | ECDH | ECDSA | AES(256) | SHA384 |
DHE-DSS-AES256-GCM-SHA384 | DH | DSS | AESGCM(256) | AEAD |
DHE-RSA-AES256-GCM-SHA384 | DH | RSA | AESGCM(256) | AEAD |
DHE-RSA-AES256-SHA256 | DH | RSA | AES(256) | SHA256 |
ECDH-RSA-AES256-GCM-SHA384 E | ECDH/RSA | ECDH | AESGCM(256) | AEAD |
ECDH-ECDSA-AES256-GCM-SHA384 | ECDH/ECDSA | ECDH | AESGCM(256) | AEAD |
ECDH-RSA-AES256-SHA384 | ECDH/RSA | ECDH | AES(256) | SHA384 |
ECDH-ECDSA-AES256-SHA384 | ECDH/ECDSA | ECDH | AES(256) | SHA384 |
AES256-GCM-SHA384 | RSA | RSA | AESGCM(256) | AEAD |
AES256-SHA256 | RSA | RSA | AES(256) | SHA256 |
AES256-SHA | RSA | RSA | AES(256) | SHA1 |
ECDHE-RSA-AES128-GCM-SHA256 | ECDH | RSA | AESGCM(128) | AEAD |
ECDHE-ECDSA-AES128-GCM-SHA256 | ECDH | ECDSA | AESGCM(128) | AEAD |
ECDHE-RSA-AES128-SHA256 | ECDH | RSA | AES(128) | SHA256 |
ECDHE-ECDSA-AES128-SHA256 | ECDH | ECDSA | AES(128) | SHA256 |
DHE-DSS-AES128-GCM-SHA256 | DH | DSS | AESGCM(128) | AEAD |
DHE-RSA-AES128-GCM-SHA256 | DH | RSA | AESGCM(128) | AEAD |
DHE-RSA-AES128-SHA256 | DH | RSA | AES(128) | SHA256 |
DHE-DSS-AES128-SHA256 | DH | DSS | AES(128) | SHA256 |
ECDH-RSA-AES128-GCM-SHA256 | ECDH/RSA | ECDH | AESGCM(128) | AEAD |
ECDH-ECDSA-AES128-GCM-SHA256 | ECDH/ECDSA | ECDH | AESGCM(128) | AEAD |
ECDH-RSA-AES128-SHA256 | ECDH/RSA | ECDH | AES(128) | SHA256 |
ECDH-ECDSA-AES128-SHA256 | ECDH/ECDSA | ECDH | AES(128) | SHA256 |
AES128-GCM-SHA256 | RSA | RSA | AESGCM(128) | AEAD |
AES128-SHA256 | RSA | RSA | AES(128) | SHA256 |
AES128-SHA | RSA | RSA | AES(128) | SHA1 |
DES-CBC3-SHA | RSA | RSA | 3DES(168) | SHA1 |
TCP and UDP ports
Service | Traffic direction | Protocol | Port | Service type |
---|---|---|---|---|
Email (SMTP) notification and inventory reports | Outbound | TCP | 25 | Optional |
SNMP event notification | Outbound | UDP | 162 | Optional |
Syslog event notification | Outbound |
TCP
UDP |
6514 (TCP)
514 (UDP) |
Optional |
IPv4 DHCP (Node service address) | Outbound | UDP | 68 | Optional |
IPv6 DHCP (Node service address) | Outbound | UDP | 547 | Optional |
Network time server (NTP) | Outbound | UDP | 123 | Optional |
SSH for command-line interface (CLI) access | Inbound | TCP | 22 | Mandatory |
HTTP to HTTPS redirect for GUI access | Inbound | TCP | 80 | Optional |
HTTPS redirect for GUI access | Inbound | TCP | 443 | Mandatory |
HTTP to HTTPS redirect for GUI access | Inbound | TCP | 8080 | Optional |
HTTPS for GUI access | Inbound | TCP | 8443 | Mandatory |
Remote user authentication service - HTTP | Outbound | TCP | 16310 | Optional |
Remote user authentication service - HTTPS | Outbound | TCP | 16311 | Optional |
Remote user authentication service - Lightweight Directory Access Protocol (LDAP) | Outbound | TCP | 389 | Optional |
iSCSI | Inbound | TCP | 3260 | Optional |
iSCSI iSNS | Outbound | TCP | 3260 | Optional |
IP Partnership management IP communication | Inbound | TCP | 3260 | Optional |
IP Partnership management IP communication | Outbound | TCP | 3260 | Optional |
Long-distance partnerships by using TCP data path connections | Inbound | TCP | 3265 | Optional |
Long-distance partnerships by using TCP data path connections | Outbound | TCP | 3265 | Optional |
Ethernet Clustering data path connections | Inbound | TCP | 21455 | Optional |
Ethernet Clustering data path connections | Outbound | TCP | 21456 | Optional |
Short-distance partnerships by using RDMA data path connections | Inbound | TCP | 3265 | Optional |
Short-distance partnerships by using RDMA data path connections | Outbound | TCP | 3265 | Optional |
VASA Provider | Inbound | TCP | 8440 | Optional |
RESTful API (HTTPS) | Inbound | TCP | 7443 | Optional |
Security level | Key Exchange | Cipher Suite | MAC Algorithm | Host Key Algorithms |
---|---|---|---|---|
1 |
|
aes256-ctr aes192-ctr aes128-ctr chacha20-poly1305@openssh.com aes256-gcm@openssh.com aes128-gcm@openssh.com aes256-cbc aes192-cbc aes128-cbc |
hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1 |
rsa-sha2-256 rsa-sha2-512 ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com ssh-rsa ssh-rsa-cert-v01@openssh.com |
2 |
|
aes256-ctr aes192-ctr aes128-ctr chacha20-poly1305@openssh.com aes256-gcm@openssh.com aes128-gcm@openssh.com |
hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1 |
rsa-sha2-256 rsa-sha2-512 ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com ssh-rsa ssh-rsa-cert-v01@openssh.com |
3 |
|
aes256-ctr aes192-ctr aes128-ctr chacha20-poly1305@openssh.com aes256-gcm@openssh.com aes128-gcm@openssh.com |
hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com |
rsa-sha2-256 rsa-sha2-512 ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com ssh-rsa ssh-rsa-cert-v01@openssh.com |
4 |
|
aes256-ctr aes192-ctr aes128-ctr aes256-gcm@openssh.com aes128-gcm@openssh.com |
hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com |
rsa-sha2-256 rsa-sha2-512 ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com |
Interoperability
At SSL security level 4, Google Chrome Version 63.0.3239.132 and higher and Mozilla Firefox Version 52.7.2 and later are known to work with the management GUI. IBM® SDK, Java Technology Edition, Version 8 update 1.8.0_161 and later is known to work with the IP quorum application.