Cryptographic Module Validation Program CMVP

Certificate #3420

Details

Module Name
EOS MACsec Bravo Hybrid Module
Standard
FIPS 140-2
Status
Active
Sunset Date
3/26/2024
Validation Dates
03/27/2019;04/09/2019
Overall Level
1
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Section 8.1 of the Security Policy
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Firmware-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
Arista’s crypto library is a comprehensive suite of FIPS Approved algorithms. Many key sizes and modes have been implemented to allow flexibility and efficiency.
Tested Configuration(s)
  • Arista Networks DCS-7280CR2M-30 with Credo MACsec chip CMX42550 and EOSv4 Firmware Version 1.0 (single-user mode)
  • Arista Networks DCS-7280SRAM-48C6 with Credo MACsec chip CMX42550 and EOSv4 Firmware Version 1.0
  • Arista Networks DCS-7280SRM-40CX2 with Credo MACsec chip CMX42550 and EOSv4 Firmware Version 1.0
  • Arista Networks DCS-7500E-SUP 01.02 with EOSv4 Firmware Version 1.0
  • Arista Networks DCS-7500R2M-36CQ-LC 21.01 with Credo MACsec chip CMX42550
  • Arista Networks DCS-7500-SUP2 03.03 with EOSv4 Firmware Version 1.0
  • Arista Networks DCS-7508N Chassis 06.00
  • Arista Networks DCS-7512N Chassis 00.06
  • Arista Networks DCS-7516N Chassis 10.00
  • Arista Networks DCS-7516-SUP2 10.00 with EOSv4 Firmware Version 1.0
FIPS Algorithms
AES Certs. #4471 and #5482
CKG vendor affirmed
CVL Certs. #1933, #1934 and #1935
DRBG Cert. #2158
ECDSA Cert. #1469
HMAC Cert. #3636
KAS Cert. #183
KBKDF Cert. #235
KTS AES Cert. #5482 and HMAC Cert. #3636; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Cert. #2944
SHS Cert. #4399
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1933, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1933, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (CVL Cert. #1934, key wrapping; key establishment methodology provides between 112 and 128 bits of encryption strength)
Hardware Versions
P/Ns Credo MACsec chip CMX42550 and Renesas Security chip R5H30211 or N313X; Chassis: DCS-7508N, Version 06.00; DCS-7512N, Version 00.06; DCS-7516N, Version 10.00; Supervisor: DCS-7500E-SUP, Version 01.02; DCS-7500-SUP2, Version 03.03; DCS-7516-SUP2, Version 10.00; Linecard: DCS-7500R2M-36CQ-LC, Version 21.01; Fixed Hardware: DCS-7280SRAM-48C6, Version 21.00; DCS-7280SRM-40CX2, Version 21.00; DCS-7280CR2M-30, Version 20.01
Firmware Versions
1.0

Vendor

Arista Networks Inc.
5453 Great America Parkway
Santa Clara, CA 95054
USA

Ethan Rahn
erahn@arista.com
Richard Whitney
rw@arista.com
Phone: 703-627-6092
Fax: 408-538-8920

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0