U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3246

Details

Module Name
Cisco Firepower 4100 and Cisco Firepower 9300 Series
Standard
FIPS 140-2
Status
Active
Sunset Date
7/24/2023
Validation Dates
07/25/2018
Overall Level
2
Caveat
When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy. This module contains the embedded module Cisco ASA Cryptographic Module validated to FIPS 140-2 under Cert. #3225 operating in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
Next generation security services platforms capable of running multiple security services simultaneously. Providing firewall (NGFW), traffic management Cisco Firepower 4100 Series is a family of four threat threat-focused NGFW security platforms. While the Cisco Firepower 9300 is a scalable carrier-grade, modular platform designed for service providers, high-performance computing centers. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #2034, #2035, #4307 and #4905
CKG vendor affirmed
CVL Certs. #1023 and #1521
DRBG Certs. #197, #1368 and #1735
ECDSA Cert. #1254
HMAC Certs. #1233, #2843 and #3272
RSA Certs. #2328 and #2678
SHS Certs. #1780, #3546 and #4012
Triple-DES Certs. #1311, #2328 and #2559
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
FPR4110[1], FPR4120[1], FRP4140[1], FRP4150[1], FPR9300-SM24[2], FPR9300-SM36[2] and FPR9300-SM44[2] with FIPS Kit (Cisco_TEL.FIPS_Kit), and opacity shield 69-100250-01[1] or 800-102843-01[2]
Firmware Versions
2.2

Vendor

Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

GOSSAMER SECURITY SOLUTIONS INC
NVLAP Code: 200997-0