Module Name
Cisco Firepower 4100 and Cisco Firepower 9300 Series
Validation Dates
07/25/2018
Caveat
When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy. This module contains the embedded module Cisco ASA Cryptographic Module validated to FIPS 140-2 under Cert. #3225 operating in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Next generation security services platforms capable of running multiple security services simultaneously. Providing firewall (NGFW), traffic management Cisco Firepower 4100 Series is a family of four threat threat-focused NGFW security platforms. While the Cisco Firepower 9300 is a scalable carrier-grade, modular platform designed for service providers, high-performance computing centers. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
FPR4110[1], FPR4120[1], FRP4140[1], FRP4150[1], FPR9300-SM24[2], FPR9300-SM36[2] and FPR9300-SM44[2] with FIPS Kit (Cisco_TEL.FIPS_Kit), and opacity shield 69-100250-01[1] or 800-102843-01[2]