Module Name
Cisco Firepower Next-Generation IPS Virtual (NGIPSv) Cryptographic Module
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: N/A
- Design Assurance: Level 2
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The virtualized offering of the Cisco FirePOWER next-generation IPS (NGIPS) solution providing the Industry-leading threat protection. Real-time contextual awareness. Full-stack visibility. Intelligent security automation. This virtualized highly effective intrusion prevention system provides reliable performance and a low total cost of ownership. Threat protection can be expanded with optional subscription licenses to provide Advanced Malware Protection (AMP), application visibility and control, and URL filtering capabilities.
Tested Configuration(s)
- NGIPSv 6.2 on Vmware ESXi 5.5 running on Cisco C220 M4
- NGIPSv 6.2 on Vmware ESXi 6.0 running on Cisco C220 M4 (single-user mode)
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1413, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1413, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
