U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #1932

Details

Module Name
Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
04/08/2013
Overall Level
2
Caveat
Validated when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy and when operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
Module Type
Hardware
Embodiment
Multi-chip standalone
Description
The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes
FIPS Algorithms
AES Certs. #105, #1407, #2047, #2049 and #2050
HMAC Certs. #125, #301, #1244, #1246 and #1247
RNG Certs. #144, #329, #772, #1068 and #1070
RSA Certs. #106, #261, #1064, #1065 and #1066
SHS Certs. #196, #630, #1791, #1793 and #1794
Triple-DES Certs. #217, #559, #960, #1320 and #1321
Other Algorithms
DES; HMAC MD5; MD5; NDRNG; RC4; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
5505 [1, 2], 5510 [1], 5520 [1], 5540 [1], 5550 [1], 5580-20 [3], 5580-40 [3], 5585-X SSP-10 [4], 5585-X SSP-20 [4], 5585-X SSP-40 [4], 5585-X SSP-60 [4] with [FIPS Kit (DS-FIPS-KIT= Rev -BO)] [1], [ASA 5505 FIPS Kit (ASA5505-FIPS-KIT Rev-A0)] [2], [ASA 5580 FIPS Kit (ASA5580-FIPS-KIT)] [3] or [ASA 5585 FIPS Kit (ASA5585-X-FIPS-KIT)] [4]
Firmware Versions
8.4.4.1

Vendor

Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

SAIC
NVLAP Code: 200427-0