Module Name
Brocade® MLXe® Series Ethernet Routers, Brocade® NetIron® CER 2000 Series Ethernet Routers and Brocade NetIron® CES 2000 Series Ethernet Switches
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode with the tamper evident labels installed and configured as specified in Section 14 of the Security Policy
Security Level Exceptions
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Brocade NetIron CER 2000 Series is a family of compact routers that are purpose-built for high performance Ethernet edge routing and MPLS applications.The Brocade NetIron CES 2000 Series of switches provides IP routing and advanced Carrier Ethernet capabilities in a compact form factor. Brocade MLXe Series routers feature industry-leading Gigabit Ethernet ports with wire-speed density; advanced Layer 2 switching; rich IPv4, IPv6, Multi-VRF, MPLS, L2/L3 Virtual Private Networks (VPN),IKEv2/IPsec and PHY based MACsec capabilities without compromising performance.
Approved Algorithms
AES |
Certs. #1648, #2154, #2715, #2717, #2946, #3143, #3144 and #3478 |
CVL |
Certs. #173, #175, #393, #394, #403, #404, #712, #713 and #1029 |
DRBG |
Certs. #452, #454 and #684 |
ECDSA |
Certs. #761 and #809 |
HMAC |
Certs. #1694, #1696 and #2848 |
KBKDF |
Cert. #35 |
KTS |
AES Cert. #2946 |
KTS |
AES Cert. #2717 and HMAC Cert. #1696; key establishment methodology provides 112 bits of encryption strength |
RSA |
Certs. #1411 and #1413 |
SHS |
Certs. #934, #2280 and #2282 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #712; key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #713, key agreement; key establishment methodology provides between 128 and 192 bits of encryption strength); HMAC-MD5; MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; HMAC-SHA-1-96 (non-compliant); Triple-DES (non-compliant)
Hardware Versions
{[BR-MLXE-8-MR2-M-AC (80-1007225-01), BR-MLXE-16-MR2-M-AC (80-1006827-02), BR-MLXE-32-MR2-M-AC (80-1007253-04), BR-MLXE-4-MR2-X-AC (80-1006874-03), BR-MLXE-32-MR2-X-AC (80-1007255-04), with Components (80-1005643-01, 80-1005644-03, 80-1005641-02, 80-1005642-03, 80-1007878-02, 80-1007911-02, 80-1008426-01, 80-1008427-02, 80-1007879-02, 80-1003891-02, 80-1002983-01, 80-1008686-01, 80-1003971-01, 80-1003969-02, 80-1004114-01, 80-1004113-01, 80-1004112-01, 80-1004469-01, 80-1004760-02, 80-1006511-02, 80-1004757-02, 80-1003009-01, 80-1003052-01, 80-1003053-01)], [BR-CER-2024C-4X-RT-AC (80-1006530-01), BR-CER-2024F-4X-RT-AC (80-1006529-01), with Components (80-1003868-01, 80-1004848-01)], [BR-CES-2024C-4X-AC (80-1000077-01), BR-CES-2024F-4X-AC (80-1000037-01), with Component (80-1003868-01)]} with FIPS Kit XBR-000195
Firmware Versions
Multi-Service IronWare R05.9.00aa