Huawei AR1200 and AR2200 Series Routers
When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The protocols IKEv1 and SNMP shall not be used when operated in FIPS mode.
Security Level Exceptions
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Multi-Chip Stand Alone
ARs are located between an enterprise network and a public network, functioning as the only ingress and egress for data transmitted between the two networks. The deployment of various network services over the ARs reduces operation & maintenance (O&M) costs as well as those associated with establishing an enterprise network.
||Certs. #4323, #4324 and #4325
||Certs. #2861, #2862 and #2863
||AES Cert. #4323 and HMAC Cert. #2861; key establishment methodology provides 128 bits of encryption strength
||Triple-DES Cert. #2335 and HMAC Cert. #2861; key establishment methodology provides 112 bits of encryption strength
||Certs. #3565, #3566 and #3567
||Certs. #2335, #2336 and #2337
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); HMAC-SHA-1-96 (HMAC Cert. #2861); NDRNG; Blowfish; DES; HMAC-MD5; IKEv1 KDF (non-compliant); MD5; SM1; SM3; SM4; SNMP KDF (non-compliant)
AR1220E P/N 02350DQJ Version E.5 with , AR1220EVW P/N 02350DQL Version F.5 with  and AR2220E P/N 02350DQM Version E.6 with ; Tamper Evident Seals P/N 4057-113016