Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3795

Details

Module Name
Cisco Firepower 4100 and Cisco Firepower 9300 Series
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition
Overall Level
2
Caveat
When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module Cisco ASA Cryptographic Module validated to FIPS 140-2 under Cert. #3789 operating in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
This Cisco Firepower eXtensible Operating System (FX-OS) is part of the Cisco Application Centric Infrastructure (ACI) Security Solution and provides an agile, open, built for scalability, consistent control, and simplified management. The FX-OS provides provides high performance, flexible input/output configurations, and scalability. A graphical user interface provides streamlined, visual representation of current chassis status and simplified configuration of chassis features. A command-based interface for configuring features, monitoring chassis status, and accessing advanced troublesho
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Certs. #2034, #2035, #4905, #C784 and #C1026
CVL Certs. #1521 and #C784
DRBG Certs. #197, #1735, #C784 and #C1026
ECDSA Certs. #1254 and #C784
HMAC Certs. #1233, #3272, #C784 and #C1026
RSA Certs. #2678 and #C784
SHS Certs. #1780, #4012, #C784 and #C1026
Triple-DES Certs. #1311, #2559, #C784 and #C1026
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1521 and #C784, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C784, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
FPR4110-NGFW-K9[1], FPR4115-NGFW-K9[1], FPR4120-NGFW-K9[1], FPR4125-NGFW-K9[1], FPR4140-NGFW-K9[1], FPR4145-NGFW-K9[1], FPR4150-NGFW-K9[1], FPR9K-Sup (SM-24)[2], FPR9K-Sup (SM-36)[2], FPR9K-Sup (SM-40)[2], FPR9K-Sup (SM-44)[2], FPR9K-Sup (SM-48)[2] and FPR9K-Sup (SM-56)[2] with FIPS Kit (Cisco_TEL.FIPS_Kit), and opacity shield 69-100250-01[1] or 800-102843-01[2]
Firmware Versions
2.6

Vendor

Cisco Systems, Inc.
170 W Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Validation History

Date Type Lab
1/21/2021 Initial GOSSAMER SECURITY SOLUTIONS INC