Module Name
ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, ASA 5555-X, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances
Historical Reason
186-2 transition
Caveat
When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-chip standalone
Description
The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.
Approved Algorithms
AES |
Certs. #105, #1407, #2049, #2050, #2444, #2472, #2480, #2482 and #2483 |
DRBG |
Certs. #332, #336, #339 and #341 |
ECDSA |
Certs. #411 and #412 |
HMAC |
Certs. #125, #301, #1246, #1247, #1514, #1524 and #1525 |
RSA |
Certs. #106, #261, #1066, #1260, #1269, #1271 and #1272 |
SHS |
Certs. #196, #630, #1793, #1794, #2091, #2100 and #2101 |
Triple-DES |
Certs. #217, #559, #960, #1321, #1513, #1520 and #1521 |
Other Algorithms
DES; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); HMAC-MD5; MD5; NDRNG; RC4; RNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
5580-20 [2], 5580-40 [2], 5512-X [1], 5515-X [1], 5525-X [1], 5545-X [1], 5555-X[1], 5585-X SSP-10 [3], 5585-X SSP-20 [3], 5585-X SSP-40 [3], 5585-X SSP-60 [3] with [FIPS Kit (DS-FIPS-KIT= Rev -BO)] [1], [ASA 5580 FIPS Kit (ASA5580-FIPS-KIT)] [2], or [ASA 5585 FIPS Kit (ASA5585-X-FIPS-KIT)] [3]
Firmware Versions
9.1.7.9