Huawei S6720EI Series Switches
When operated in FIPS mode and with the tamper evident seals and external baffles installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode.
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Multi-Chip Stand Alone
The S6720 has industry-leading performance and provides up to 24 or 48 line-speed 10GE ports. It can be used in a data center to provide 10 Gbit/s access to servers or function as a core switch on a campus network to provide 10 Gbit/s traffic aggregation. In addition, the S6720 provides a wide variety of services, comprehensive security policies, and various QoS features to help customers build scalable, manageable, reliable, and secure data centers.
||AES Cert. #4400 and HMAC Cert. #2924; key establishment methodology provides 128 or 256 bits of encryption strength
||Triple-DES Cert. #2372 and HMAC Cert. #2924; key establishment methodology provides 112 bits of encryption strength
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); HMAC-SHA-1-96 (HMAC Cert. #2924); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); AES-XCBC-MAC (non-compliant); DES; HMAC-MD5; RC4; SNMP KDF (non-compliant)
P/Ns 02350DMN Version H.3 (S6720-30C-EI-24S-AC) and 02350DMP Version H.3 (S6720-54C-EI-48S-AC) both with P/Ns 4057-113016 (Tamper Evident Seals) and 99089JEB (External Baffle)