Huawei S12700 Series Switches
When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode.
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Multi-Chip Stand Alone
Huawei S12700 series agile switches are core switches designed for next-generation campus networks. Using a fully programmable switching architecture, the S12700 series allows fast, flexible function customization and supports a smooth evolution to software-defined networking (SDN) The S12700 series uses Huawei Ethernet Network Processor (ENP) and provides native wireless access controller (AC) to help build a wired and wireless converged network. Its uniform user management capabilities deliver refined user and service management.
||AES Cert. #4400 and HMAC Cert. #2924; key establishment methodology provides 128 or 256 bits of encryption strength
||Triple-DES Cert. #2372 and HMAC Cert. #2924; key establishment methodology provides 112 bits of encryption strength
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); HMAC-SHA-1-96 (HMAC Cert. #2924); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); AES-XCBC-MAC (non-compliant); DES; HMAC-MD5; RC4; SNMP KDF (non-compliant)
S12704 P/N 02114480 Version E.3, S12708 P/N 02114178 Version Q.3 and S12712 P/N 02114180 Version P.3 all with MPU P/N 03030RPE, SFU P/N 03030RPF, LPU P/N 03030SGN and Tamper Seals P/N 4057-113016