Hi all I have some questions about SSL/TLS implementation in Apigee Edge Public Cloud. TLSv1.2 enabled.
We want to avoid using RC4 and 3DES cipher suites in favor of more secure options, such as AES-based cipher suites, which provide stronger security.
I am aware that limiting the cipher suites availability might affect clients using the cipher suits we restricted. To avoid related issues, here are my concerns:

1. Is it correct that all cipher TLSv1.2 suites listed here https://www.openssl.org/docs/man1.1.1/man1/ciphers.html are enabled in Apigee by default?

2. Are there any analytics available showing which particular cipher suits are being used related to client id?

3. If we wanted to allow specific cipher suits, we could whitelist them as described here
https://docs.apigee.com/how-to-guides/configuring-cipher-suites-on-virtual-host-routers. Is there a way to blacklist the ones we do not want to use?