Module Name
Cisco ASR 1000 Series Routers with MACSEC
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.
Approved Algorithms
| AES |
Certs. #A1462, #333, #2346, #3160 and #3505 |
| CKG |
vendor affirmed |
| CVL |
Cert. #A1462 |
| DRBG |
Cert. #A1462 |
| ECDSA |
Cert. #A1462 |
| HMAC |
Certs. #A1462, #137 and #1455 |
| KAS |
KAS-SSC Cert. #A1462, CVL Cert. #A1462 |
| KAS-SSC |
Cert. #A1462 |
| KBKDF |
Cert. #A1462 |
| KTS |
AES Cert. #A1462; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #A1462 |
| SHS |
Certs. #A1462, #408 and #2023 |
Hardware Versions
ASR1001-HX, ASR1002-HX, [[ASR1006-X with RP2, RP3, ESP40, ESP100, [ASR1000-MIP100 with EPA-10X10GE and EPA-1X40GE QSFP+]] and [[ASR-1009-X with RP2, RP3, ESP40, ESP100, ESP200, [ASR1000-MIP100 with EPA-10X10GE and EPA-1X40GE QSFP+]]
Firmware Versions
Cisco IOS-XE 16.12
