Cryptographic Module Validation Program CMVP

Certificate #2902

Details

Module Name
Cisco Firepower Next-Generation IPS Virtual (NGIPSv) Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
5/8/2022
Validation Dates
05/09/2017
Overall Level
1
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: N/A
  • Design Assurance: Level 2
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The virtualized offering of the Cisco FirePOWER next-generation IPS (NGIPS) solution providing the Industry-leading threat protection. Real-time contextual awareness. Full-stack visibility. Intelligent security automation. This virtualized highly effective intrusion prevention system provides reliable performance and a low total cost of ownership. Threat protection can be expanded with optional subscription licenses to provide Advanced Malware Protection (AMP), application visibility and control, and URL filtering capabilities.
Tested Configuration(s)
  • NGIPSv 6.1 on Vmware ESXi 5.5 running on Cisco C220 M3 (single-user mode)
FIPS Algorithms
AES Cert. #4411
CVL Cert. #1117
DRBG Cert. #1425
ECDSA Cert. #1063
HMAC Cert. #2932
RSA Cert. #2397
SHS Cert. #3637
Triple-DES Cert. #2377
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); HMAC MD5; MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; RC4
Software Versions
6.1

Vendor

Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

GOSSAMER SECURITY SOLUTIONS INC
NVLAP Code: 200997-0