You can now configure TLSv1.3 for administrative access to Next-Generation Firewalls (NGFWs) and other management interfaces and manage cipher suites directly in an SSL/TLS service profile. In the SSL/TLS service profile, you can select TLSv1.3 as the minimum and maximum supported TLS version. Selecting TLSv1.3 automatically enables a set of modern and secure cipher suites. Additionally, you can customize key exchange algorithms, encryption algorithms, and authentication algorithms without using the command line interface (CLI). TLSv1.3 improves the security and performance of administrative connections. The protocol removes support for vulnerable algorithms, mandates perfect forward secrecy, and reduces connection latency through a faster TLS handshake.