U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Cryptographic Module Validation Program CMVP

Certificate #3880

Details

Module Name
Cisco FTD FX-OS on 4K/9K Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition
Overall Level
2
Caveat
When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module Cisco Firepower Threat Defense on 4K/9K Cryptographic Module validated to FIPS 140-2 under Cert. #3821 operating in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
This Cisco Firepower eXtensible Operating System (FX-OS) is part of the Cisco Application Centric Infrastructure (ACI) Security Solution and provides an agile, open, built for scalability, consistent control, and simplified management. The FX-OS provides provides high performance, flexible input/output configurations, and scalability. A graphical user interface provides streamlined, visual representation of current chassis status and simplified configuration of chassis features. A command-based interface for configuring features, monitoring chassis status, and accessing advanced troublesho
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #2034, #2035, #4905, #C784 and #C1026
CVL Certs. #1521 and #C784
DRBG Certs. #197, #1735, #C784 and #C1026
ECDSA Certs. #1254 and #C784
HMAC Certs. #1233, #3272, #C784 and #C1026
RSA Certs. #2678 and #C784
SHS Certs. #1780, #4012, #C784 and #C1026
Triple-DES Certs. #1311, #2559, #C784 and #C1026
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C784, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C784, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); Diffie-Hellman (CVL Certs. #1521 and #C784, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1521 and #C784, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
FPR4110[1], FPR4115[1], FPR4120[1], FPR4125[1], FPR4140[1], FPR4145[1], FPR4150[1], FPR9K-SM-24[2], FPR9K-SM-36[2], FPR9K-SM-40[2], FPR9K-SM-44[2], FPR9K-SM-48[2] and FPR9K-SM-56[2] with FIPS Kit (Cisco_TEL.FIPS_Kit), and opacity shield 69-100250-01[1] or 800-102843-01[2]
Firmware Versions
2.6

Vendor

Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Validation History

Date Type Lab
4/3/2021 Initial GOSSAMER SECURITY SOLUTIONS INC