http://blogs.technet.com/edgeaccessblog/archive/2009/05/14/how-to-configure-iag-to-use-aes-256-encryption.aspxBy default client browsers (or at least, any reasonably up to date client browser) will connect to IAG using 128 Bit encryption. This can be seen by right clicking in the browser pane and choosing ‘Properties’ after you have accessed your IAG portal.en-USCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.technet.com/edgeaccessblog/archive/2009/05/14/how-to-configure-iag-to-use-aes-256-encryption.aspx#3286648Tue, 13 Oct 2009 23:33:23 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3286648Hank Cohen<p>Do any of the other encryption controls in the OS effect IAG?</p> <p>For example the local security policy: &nbsp;secpol.msc</p> <p>&quot;System cryptography: Use FIPS compliant algtorithms for encryptio, hashing, and signing.&quot;</p> <p>That control is supposed to restrict the system to using the FIPS 140 crypto module. &nbsp;Schannel is supposed to use this restriction. &nbsp;However if you set that policy without this hotfix then you will still get RC4 which is not FIPS in any keylength.</p> <p>Installing this patch makes IAG negotiate AES 128 which is FIPS compliant even if the &quot;use FIPS&quot; local policy is not enabled.</p> <p>What I really want to know is if installing this patch results in IAG using the FIPS certified crypto service provider?</p>