U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3261

Details

Module Name
Cisco Firepower Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
8/13/2023
Validation Dates
08/14/2018
Overall Level
1
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 2
  • Mitigation of Other Attacks: N/A
Module Type
Firmware
Embodiment
Multi-Chip Stand Alone
Description
The module is designed to help you handle network traffic in a way that complies with your organization's security policy for protecting your network. The system can affect the flow of traffic using access control, which allows you to specify, in a granular fashion, how to handle the traffic entering, exiting, and traversing your network. All the information gathered from it can be used to filter and control that traffic.
Tested Configuration(s)
  • [Cisco ASA 5506-X, Cisco ASA 5506H-X, Cisco ASA 5506W-X, Cisco ASA 5508-X, Cisco ASA 5516-X, Cisco ASA 5525-X, Cisco ASA 5545-X, Cisco ASA 5555-X] with Fire Linux OS 6.2
FIPS Algorithms
AES Cert. #4266
CKG vendor affirmed
CVL Cert. #1008
DRBG Cert. #1337
HMAC Cert. #2811
RSA Cert. #2297
SHS Cert. #3512
Triple-DES Cert. #2307
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1008, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1008, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Firmware Versions
6.2

Vendor

Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

GOSSAMER SECURITY SOLUTIONS INC
NVLAP Code: 200997-0