Module Name
Cisco Firepower Threat Defense Cryptographic Module
Validation Dates
08/06/2020
Caveat
When operated in FIPS mode and with the tamper evident seals and opacity shield installed as indicated in the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The 1K is a family of three platforms, 1010 for desktop and 1120 and 1140 for rack mount. While the 2K is a family of four threat-focused NGFW security rack mount platforms. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.
Allowed Algorithms
Diffie-Hellman (CVL Certs. #C784 and #1521, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #C784 and #1521, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
FPR1010[1], FPR1120[2], FPR1140[2], FPR2110[3], FPR2120[3], FPR2130[3] and FPR2140[3] with FIPS Kit (AIR-AP-FIPSKIT=) and Opacity Shield 800-44098-01[1], 800-45098-01[2] and 69-100250-01[3]