Module Name
Cisco ISR 4000 Series Routers with MACSEC
Caveat
When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Cisco Integrated Services Router (ISR) 4000 Series provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.
Approved Algorithms
| AES |
Certs. #A1462 and #3504 |
| CKG |
vendor affirmed |
| CVL |
Cert. #A1462 |
| DRBG |
Cert. #A1462 |
| ECDSA |
Cert. #A1462 |
| HMAC |
Cert. #A1462 |
| KAS |
KAS-SSC Cert. #A1462, CVL Cert. #A1462 |
| KAS-SSC |
Cert. #A1462 |
| KBKDF |
Cert. #A1462 |
| KTS |
AES Cert. #A1462; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #A1462 |
| SHS |
Cert. #A1462 |
Hardware Versions
ISR 4321, ISR 4331, ISR 4351 and ISR 4451 with NIM-2GE-CU-SFP
Firmware Versions
Cisco IOS-XE 16.12
