Module Name
Cisco Firepower 2100 Cryptographic Module
Validation Dates
07/27/2018
Caveat
When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Cisco Firepower 2100 Series is a family of four threat-focused NGFW security platforms. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.
Allowed Algorithms
Diffie-Hellman (CVL Certs. #983 and #1521, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #983 and #1521, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
FP2110, FP2120, FP2130, FP2140 with FIPS Kit (AIR-AP-FIPSKIT=) and opacity shield 69-100250-01