Module Name
Cisco Firepower Cryptographic Module
Validation Dates
07/17/2017
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 2
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The module is designed to help you handle network traffic in a way that complies with your organization's security policy for protecting your network. The system can affect the flow of traffic using access control, which allows you to specify, in a granular fashion, how to handle the traffic entering, exiting, and traversing your network. All the information gathered from it can be used to filter and control that traffic.
Tested Configuration(s)
- [Cisco ASA 5506-X, Cisco ASA 5506H-X, Cisco ASA 5506W-X, Cisco ASA 5508-X, Cisco ASA 5516-X, Cisco ASA 5512-X, Cisco ASA 5515-X, Cisco ASA 5525-X, Cisco ASA 5545-X, Cisco ASA 5555-X] with Fire Linux OS 6.1
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); HMAC MD5; MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
