Module Name
Cisco Firepower Threat Defense Virtual (FTDv) Cryptographic Module
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: N/A
- Design Assurance: Level 2
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Cisco Firepower Threat Defense (FTD) solution offers the combination of the industry's most deployed stateful firewall with a comprehensive range of next-generation network security services, intrusion prevention system (IPS), content security and secure unified communications. All running in a virtual environment.
Tested Configuration(s)
- FXOS version 2 on VMware ESXi 5.5 running on Cisco C220 M4 with Intel Xeon E5
- FXOS version 2 on VMware ESXi 6.0 running on Cisco C220 M4 with Intel Xeon E5 (single-user mode)
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1561, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1561, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
