Module Name
Cisco Catalyst 9800 (40/80/L) Wireless Controllers running IOS-XE 16.12
Caveat
When installed, initialized and configured as specified in Section 11 of the Security Policy and operated in FIPS mode. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode.
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments.
Approved Algorithms
AES |
Certs. #A1462, #A2452 and #2346 |
CKG |
vendor affirmed |
CVL |
Certs. #A1462 and #A2452 |
DRBG |
Certs. #A1462 and #A2452 |
ECDSA |
Certs. #A1462 and #A2452 |
HMAC |
Certs. #A1462 and #A2452 |
KAS |
KAS-SSC Certs. #A1462 and #A2452, CVL Certs. #A1462 and #A2452; key establishment methodology provides between 112 and 256 bits of encryption strength |
KAS-SSC |
Certs. #A1462 and #A2452 |
KTS |
AES Cert. #A1462; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Cert. #A1462 and HMAC Cert. #A1462; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Cert. #A2452 and HMAC Cert. #A2452; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Certs. #A1462 and #A2452 |
SHS |
Certs. #A1462, #A2452 and #2023 |
Allowed Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
9800-40, 9800-80 and 9800-L
Firmware Versions
IOS-XE 16.12