Cryptographic Module Validation Program CMVP

Certificate #2972

Details

Module Name
Huawei S5720-SI & S5720-LI Series Switches
Standard
FIPS 140-2
Status
Active
Sunset Date
7/26/2022
Validation Dates
07/27/2017
Overall Level
2
Caveat
When operated in FIPS mode and with the tamper evident seals and external baffles installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy (applies to S5720-52X-LI-AC, S5720-28X-PWR-LI-AC, S5720-12TP-LI-AC and S5720-12TP-PWR-LI-AC).
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The S5720 series Ethernet switches are next-generation energy-saving switches developed by Huawei to meet the demand for high-bandwidth access and Ethernet multi-service aggregation. Based on cutting-edge hardware and Huawei Versatile Routing Platform (VRP) software, the S5720 provides a large switching capacity, high reliability (double power slots and hardware Ethernet OAM), and high-density GE ports to accommodate 10 Gbit/s upstream transmissions. The S5720 is available in a lite (LI) series, a standard (SI) series, an enhanced (EI) series, and a hyper (HI) series.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Cert. #4400
CKG vendor affirmed
CVL Cert. #1107
DRBG Cert. #1418
DSA Cert. #1175
ECDSA Cert. #1057
HMAC Cert. #2924
KTS AES Cert. #4400 and HMAC Cert. #2924; key establishment methodology provides 128 or 256 bits of encryption strength
KTS Triple-DES Cert. #2372 and HMAC Cert. #2924; key establishment methodology provides 112 bits of encryption strength
RSA Cert. #2380
SHS Cert. #3627
Triple-DES Cert. #2372
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
S5720-12TP-LI-AC P/N 98010567 Version E.3 with [1 and 2], S5720-12TP-PWR-LI-AC P/N 98010570 Version D.2 with [1 and 2], S5720-28X-LI-24S-AC P/N 98010629 Version D.2 with [1 and 2], S5720-28X-LI-AC P/N 98010581 Version C.2 with [1 and 2], S5720-28X-PWR-LI-AC P/N 98010593 Version C.2 with [1 and 2], S5720-28X-PWR-SI-AC P/N 02350DLW Version E.3 with [1 and 2], S5720-28X-SI-24S-AC P/N 98010625 Version C.22 with [1 and 2], S5720-28X-SI-AC P/N 02350DLT Version E.3 with [1 and 2], S5720-52P-LI-AC P/N 98010600 Version C.2 with [1 and 2], S5720-52P-PWR-LI-AC P/N 98010612 Version C.2 with [1], S5720-52P-SI-AC P/N 02350DLU Version E.3 with [1 and 2], S5720-52X-LI-AC P/N 98010606 Version D.2 with [1 and 2], S5720-52X-PWR-LI-AC P/N 98010619 Version C.2 with [1], S5720-52X-PWR-SI-AC P/N 02350DLX Version E.3 with [1 and 2], S5720-52X-SI-AC P/N 02350DLV Version E.3 with [1 and 2]; Tamper Seals P/N 4057-113016 [1] and External Baffle P/N 99089JEB [2]
Firmware Versions
V200R010C00SPC900B900

Vendor

Huawei Technologies Co., Ltd.
101 Software Avenue
Yuhuatai District
NANJING, JIANGSU 210000
CHINA

Yang Ze (Allen)
yangze1@huawei.com
Phone: +86 15919432118
Liu Pinping
liupinping@huawei.com
Phone: +86 15850529039

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0