U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3883

Details

Module Name
Cisco Catalyst 9800 (40/80/L) Wireless Controllers running IOS-XE 16.12
Standard
FIPS 140-2
Status
Active
Sunset Date
4/5/2026
Overall Level
1
Caveat
When installed, initialized and configured as specified in Section 11 of the Security Policy and operated in FIPS mode. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #2346, #C972 and #C1279
CKG vendor affirmed
CVL Certs. #C972 and #C1279
DRBG Certs. #C972 and #C1279
ECDSA Certs. #C972 and #C1279
HMAC Certs. #C972 and #C1279
KTS AES Cert. #C972; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #C972 and HMAC Cert. #C972; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #C1279 and HMAC Cert. #C1279; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #C972 and HMAC Cert. #C972; key establishment methodology provides 112 bits of encryption strength
RSA Certs. #C972 and #C1279
SHS Certs. #2023, #C972 and #C1279
Triple-DES Certs. #C972 and #C1279
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C972, key agreement; key establishment methodology provides 112 bits of encryption strength); Diffie-Hellman (CVL Cert, #C1279, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C972 with CVL Cert. #C972, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C1279 with CVL Cert. #C1279, key agreement; key establishment methodology provides128 or 192 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
9800-40, 9800-80 and 9800-L
Firmware Versions
IOS-XE 16.12

Vendor

Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
4/6/2021 Initial ACUMEN SECURITY, LLC