Cryptographic Module Validation Program CMVP

Certificate #3515

Details

Module Name
Cisco Network Convergence System 2000 Series Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
8/28/2024
Validation Dates
08/29/2019
Overall Level
2
Caveat
When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The Cisco NCS 2000 Series offers three chassis variants to meet varying scale and space requirements. This Cisco¬ę Network Convergence System (NCS) Family of products provides an Evolved Programmable Network (EPN) which simplify network operations, reduce network costs, and make your network more dynamic and profitable. The Cisco Network Convergence System 2000 Series (NCS 2000 Series) delivers agility, programmability, and massive scale across ultra-long-haul, metro, and enterprise optical networks.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #2769, #2770 and #C426
CKG vendor affirmed
CVL Cert. #C426
DRBG Cert. #C426
HMAC Cert. #C426
RSA Cert. #C426
SHS Cert. #C426
Triple-DES Cert. #C426
Allowed Algorithms
Diffie-Hellman (Cert. #C426, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (Cert. #C426, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
NCS2002, NCS2006 and NCS2015 with FIPS Kit (AIR-AP-FIPSKITx7 and AIR-AP-FIPSKITx8) and other components identified in Security Policy section 2.1
Firmware Versions
11.0

Vendor

Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

GOSSAMER SECURITY SOLUTIONS INC
NVLAP Code: 200997-0