Module Name
Cisco ASR 1000 Series Routers without MACSEC
Caveat
When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Cisco ASR 1000 Series Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services; reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.
Approved Algorithms
AES |
Certs. #A1462 and #333 |
CVL |
Cert. #A1462 |
DRBG |
Cert. #A1462 |
HMAC |
Certs. #A1462 and #137 |
KAS |
KAS-SSC Cert. #A1462, CVL Cert. #A1462 |
KAS-SSC |
Cert. #A1462 |
KTS |
AES Cert. #A1462; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #A1462 and HMAC Cert. #A1462; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Cert. #A1462 |
SHS |
Certs. #A1462 and #408 |
Hardware Versions
ASR1002-X, [ASR1004 and ASR1006 with components ASR-1000-RP2, ASR1000-ESP20 and ASR1000-ESP40]
Firmware Versions
Cisco IOS-XE 16.12