Module Name
Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580-20 and 5580-40 Security Appliances
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
Embodiment
Multi-chip standalone
Description
The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.
Approved Algorithms
AES |
Certs. #105, #564, #1394 and #1407 |
HMAC |
Certs. #125, #301, #818 and #828 |
RNG |
Certs. #144, #329, #763 and #772 |
RSA |
Certs. #106, #261, #680 and #684 |
SHS |
Certs. #196, #630, #1265 and #1277 |
Triple-DES |
Certs. #217, #559, #954 and #960 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; DES; RC4; HMAC MD5; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
5505 [1,2], 5510 [1], 5520 [1], 5540 [1], 5550 [1], 5580-20 [3], 5580-40 [3], [FIPS Kit (Cisco-FIPSKIT=): Revision -B0] [1], [ASA 5505 FIPS Kit (ASA5505-FIPS-KIT=): Revision -A0] [2] and [ASA 5580 FIPS Kit (ASA5580-FIPS-KIT=)] [3]
Firmware Versions
8.3.2 and 8.3.2.13