U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3258

Details

Module Name
Cisco Firepower Threat Defense on Cisco Firepower 2100 Series Appliances
Standard
FIPS 140-2
Status
Active
Sunset Date
8/8/2023
Validation Dates
08/09/2018
Overall Level
2
Caveat
When operated in FIPS mode and with the tamper evident seals and opacity shield installed as indicated in the Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
Cisco Firepower 2100 Series is a family of four threat-focused NGFW security platforms. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #4234 and #4905
CKG vendor affirmed
CVL Certs. #983 and #1521
DRBG Certs. #1317 and #1735
ECDSA Cert. #1254
HMAC Certs. #2772 and #3272
RSA Certs. #2286 and #2678
SHS Certs. #3471 and #4012
Triple-DES Certs. #2293 and #2559
Allowed Algorithms
Diffie-Hellman (CVL Certs. #983 and #1521, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #983 and #1521, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
FP2110, FP2120, FP2130 and FP2140 with FIPS Kit (AIR-AP-FIPSKIT=) and opacity shield 69-100250-01
Firmware Versions
6.2

Vendor

Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

GOSSAMER SECURITY SOLUTIONS INC
NVLAP Code: 200997-0