Cryptographic Module Validation Program CMVP

Certificate #3343

Details

Module Name
Cisco Firepower Threat Defense Virtual (FTDv) Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
12/16/2023
Validation Dates
12/17/2018
Overall Level
1
Caveat
When operated in FIPS mode. When installed, initialized and configured as specified in Section 3 of the Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: N/A
  • Design Assurance: Level 2
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Cisco Firepower Threat Defense (FTD) solution offers the combination of the industry's most deployed stateful firewall with a comprehensive range of next-generation network security services, intrusion prevention system (IPS), content security and secure unified communications. All running in a virtual environment.
Tested Configuration(s)
  • FXOS version 2 on VMware ESXi 5.5 running on Cisco C220 M4 with Intel Xeon E5
  • FXOS version 2 on VMware ESXi 6.0 running on Cisco C220 M4 with Intel Xeon E5 (single-user mode)
FIPS Algorithms
AES Cert. #5008
CKG vendor affirmed
CVL Cert. #1561
DRBG Cert. #1828
ECDSA Cert. #1277
HMAC Cert. #3329
RSA Cert. #2703
SHS Cert. #4074
Triple-DES Cert. #2584
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1561, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1561, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Software Versions
6.2

Vendor

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

GOSSAMER SECURITY SOLUTIONS INC
NVLAP Code: 200997-0