Module Name
Cisco Catalyst 9200L Series Switches
Validation Dates
03/18/2021
Caveat
When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 2
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
With full PoE+ capability, power and fan redundancy, stacking bandwidth up to 160 Gbps, modular uplinks, Layer 3 feature support, and cold patching, Catalyst 9200L Series switches are the industry’s unparalleled solution with differentiated resiliency and progressive architecture for cost-effective branch-office access. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. Advanced security feature supports IOS-XE software, MACsec encryption, hardware anchored secure boot, Secure Unique Device Identification (SUDI) support.
FIPS Algorithms
| AES |
Certs. #C462 and #4769 |
| CKG |
vendor affirmed |
| CVL |
Cert. #C462 |
| DRBG |
Cert. #C462 |
| ECDSA |
Cert. #C462 |
| HMAC |
Cert. #C462 |
| KBKDF |
Cert. #C462 |
| KTS |
AES Cert. #C462; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Certs. #C462 and #C1301 |
| SHS |
Certs. #C462 and #C1301 |
| Triple-DES |
Cert. #C462 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C462 with CVL Cert. #C462, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C462 with CVL Cert. #C462, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
Cisco Catalyst C9200L-24P-4G, Cisco Catalyst C9200L-24P-4X, Cisco Catalyst C9200L-24T-4G, Cisco Catalyst C9200L-24T-4X, Cisco Catalyst C9200L-48P-4G, Cisco Catalyst C9200L-48P-4X, Cisco Catalyst C9200L-48T-4G, Cisco Catalyst C9200L-48T-4X, Cisco Catalyst C9200L-24P8X-2Y, Cisco Catalyst C9200L-24P8X-4X, Cisco Catalyst C9200L-48P12X-4X and Cisco Catalyst C9200L-48P8X-2Y
Firmware Versions
Cisco IOS-XE 16.12
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
