U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3815

Details

Module Name
Cisco ISR 4000 Series Routers with MACSEC
Standard
FIPS 140-2
Status
Active
Sunset Date
2/8/2026
Validation Dates
02/09/2021
Overall Level
1
Caveat
When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The Cisco Integrated Services Router (ISR) 4000 Series provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #3504 and #4583
CKG vendor affirmed
CVL Certs. #1257 and #1258
DRBG Cert. #1529
ECDSA Cert. #1241
HMAC Cert. #3034
KBKDF Cert. #139
KTS AES Cert. #4583; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Cert. #2500
SHS Cert. #3760
Triple-DES Cert. #2436
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1257 and #1258, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1257 and #1258, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
ISR 4321, ISR 4331, ISR 4351 and ISR 4451 with NIM-2GE-CU-SFP
Firmware Versions
Cisco IOS XE 16.9

Vendor

Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com
Phone: N/A
Fax: N/A

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0