Cisco continues to be a global leader in completing and pursuing Common Criteria evaluations; below are current, completed certifications as well as those evaluations which are not yet finalized.
For more information about Common Criteria, please go to: www.niap-ccevs.org and www.commoncriteriaportal.org
Table 1. Common Criteria Current Certifications
| Switches |
Cisco Catalyst Switches 2960S, 2960S-F, 2960C, 3560C, 3560V2, 3560X, 3750V2, 3750X running 15.0(2)SE1 |
N/A |
15.0(2)SE1 |
NDPP Compliant |
|
| Routers |
7600-Series Routers
|
No |
15.1(3)S3 |
EAL2 |
Certificate/User Guide |
| Storage |
Assurance Maintenance: NIAP #10015 Cisco MDS 9000 Family NX-OS Release 4.1(3a) Optional IPSec Hardware Acceleration Module: None Software Version: Assurance Maintenance: NX-OS Release 4.1(3a) |
|
Assurance Maintenance: NX-OS Release 4.1(3a) |
EAL3 |
Certification |
| Embedded Services Router (ESR) |
Cisco 5940 Series Embedded Services Router (ESR) running IOS 15.1.2GC2 |
Yes |
15.2(3)GC |
EAL2 |
Admin/User Guide |
| Embedded Services Router (ESR) |
Cisco 5915 Series Embedded Services Router (ESR) |
N/A |
15.2(2)GC |
EAL2 |
Certificate |
| Embedded Services Router (ESR) |
Cisco 5915 Series Embedded Services Router (ESR) |
N/A |
15.2(3)GC |
EAL2 |
Certificate |
| Wireless |
Cisco Aironet 1131, 1142, 1242, 1252, 1262, 1522, 1524, 1552E, 3502E and 3502I AG Series Access Points
Cisco Wireless LAN Controller 5508
Cisco Wireless LAN Controllers 4402 and 4404
Cisco Catalyst 6500 Series Wireless Integrated Services Module (WiSM) with the Supervisory 720 module
Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Modules-2 (WiSM2)
|
Yes |
7.0.230.0 |
EAL4+ ALC_FLR |
Certification Collateral |
| Unified Computing |
Cisco UCS 5100 Series Blade Server Chassis, B-Series Blade Servers, C-Series Rack-Mount Servers, 2100 and 2200 Series Fabric Extenders, and 6100 and 6200 Series Fabric Interconnects with UCSM 2.0(4b) |
No |
2.0(4b) |
EAL4 |
Certificate |
Aggregation Services Router (ASR)
Carrier Routing System (CRS) |
Cisco Aggregation Services Router (ASR) 9000 series, Cisco Carrier Routing System (CRS) routers CRS-1 and CRS-3 |
No |
IOS XR v4.1.1 |
EAL3 |
Certificate
Collateral |
| Data Center |
Cisco Nexus 5000 Series Switch (5010, 5020, 5548P, 5596UP) with Nexus 2000
Series Fabric Extenders (2148T, 2224TP, 2248TP, 2232PP)
and Secure Access Control Server (ACS) |
No |
NX-OS 5.x ACS 5.2 Patch 3 |
EAL4 |
Certificate |
| Adaptive Security Appliance(ASA) |
Cisco Adaptive Security Appliance 5505, 5510, 5520, 5540, 5550, 5580-20, 5580-40
Cisco ASA Release 8.3.2
Cisco AnyConnect Release 2.5
Cisco VPN Client Release 5.0
Cisco Adaptive Security Device Manager (ASDM) 6.3.2
|
No |
8.3.2 |
EAL4+ |
Certificate |
| Integrated Service Router (ISR) |
Cisco Integrated Service Routers (ISR): Cisco 800 Series
Cisco 800 Series ISRs: 881, 881G and 891
Cisco 1900 Series ISRs: 1905, 1921, and 1941
Cisco 2900 Series ISRs: 2901, 2911 2921 and 2951
Cisco 3900 Series ISRs: 3925, 3925E, 3945 and 3945E
running IOS 15.1(2)T3 |
No |
15.1(2)T3 |
EAL4+ |
Certificate |
| Data Center |
Cisco Nexus 7000 Series Switch (7010, 7018) and Secure Access Control Server (ACS) |
None |
NX-OS version 5.2(5), ACS version 5.2 P3 |
EAL4 |
Collateral 1
Collateral 2
Certificate |
| Embedded Services Router (ESR) |
Cisco 5940 Series Embedded Services Router (ESR) running IOS 15.1.2GC2 |
Yes (pp_fw_tf_br_v1.1) |
15.2(3)GC |
EAL2 |
|
| Firewall, Router, VPN |
Cisco Aggregation Services Router (ASR) 1000 Series (ASR 1002,
ASR 1002f, ASR 1004, ASR 1006) running Cisco IOS XE 2.4.2t |
No |
|
EAL4 |
Certificate / Admin Guide |
|
| IronPort |
IronPort Web Security Appliance (WSA), S-Series (S160, S350 & S660) running AsyncOS 5.6.1 |
No |
5.6.1 |
EAL2 |
Certificate |
| Virtual Private Network (VPN) |
ASA 5500 Series (5505, 5510, 5520, 5540, 5550); Cisco VPN Client |
None |
7.2.4.18; 7.2.4.30
VPN Client: 5.0.03.0560; 5.0.05.0290 |
EAL4 |
Certificate-
Assurance Continuity |
| Wireless |
Cisco Unified Wireless Communications [WLAN] Cisco 4400 Series WLAN Controllers, Cisco Catalyst 6500 Series Wireless Services Module (WiSM), Cisco Aironet LWAPP 1130, 1230, and 1242 Series AP's, Cisco Wireless Control System (WCS), Cisco 2710 Location Appliance, and Cisco Secure ACS |
U.S. Government Protection Profile Wireless LAN Access System Basic Robustness Version 1.1 |
4.1.185.10 FIPS |
EAL2+ |
Certificate |
| Network Access Control (NAC) |
Cisco Network Admission Control (NAC) solution including the NAC Appliance
NAC Appliance network module (NME-NAC-K9) for Cisco Internet Services Routers (ISRs), NAC Agent, NAC Profiler and Cisco Secure Access Control Server (ACS v4.1.4.13) |
None |
4.7.1 and 2.1.8-37 |
EAL2 |
|
| Firewall |
Assurance Maintenance: NIAP #6016
PIX 515/515E, 525, 535;
ASA 5510/5520/5540 |
None |
7.2.(2)27 |
EAL4 |
Assurance Continuity |
| Storage |
MDS 9000 Family SAN-OS |
None |
3.2.(2c) |
EAL3 |
Certificate |
| Network Management |
Cisco Info Center v7.1 with Cisco WebTop v2.0 |
None |
7.1 |
EAL2 |
Certificate |
Security Management
Intrusion Detection System / Intrusion Prevention System (IPS/IDS) |
CS-MARS 110, 110R, Cisco Security MARS 210 and Cisco security MARS GC2 |
None |
5.2.4.2387 |
EAL2 |
Certificate |
| Firewall |
Cisco ACE XML Gateway and Manager |
None |
5.0.3 |
EAL3 |
Certificate |
| Secure Messaging |
IronPort Messaging Gateway (C150, C350, C600, C650, X1000 and X1050) |
None |
5.1.2 |
EAL2 |
Certificate |
| Internet Operating System / Authentication, Authorization, and Accounting (IOS AAA) |
Wireless (1100, 1200, 1400, 3200, MWR), Access Servers (5350, 5400, 5850), Integrated Access Device (AD2430), with Cisco Secure Access Control Server (ACS) for Windows |
None |
Various |
EAL3 |
Certificate |
| Catalyst Switches (2900, 3500, 3700, 4500, 4948, 6500) and Cisco Secure ACS for 4.1.4.13 |
None |
Various |
EAL3 |
Certificate |
| Routers: 800, 1700, 1800, 2600XM,2800, 3700, 3800, 7200, 7300, 7400, 7600; 10000 and 12000 and Cisco Secure ACS version 4.1.2.12 |
None |
Various |
EAL3 |
Certificate |
Internet Operating System / Internet Protocol Security
(IOS/IPSec) |
Cisco IOS IPSec on the Integrated Services Routers 870, 1800, 2800, 3800
Cisco 7204VXR, 7206VXR, 7301 with IOS 12.4(11)T3
Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
Cisco VPN Services Module (VPNSM)
Cisco IPSec VPN Shared Port Adapter (SPA) including VLAN separation
Assurance Continuity Maintenance Report CCEVS-VR-VID10116-2008 for Cisco IOS IPSec on the ISR, VPN Services Module, and IPSec VPN Shared Port Adaptor (SPA) including VLAN Separation with the following Cisco IOS releases: Cisco IOS 12.4(15)T10 and Cisco IOS 12.2(18)SXF 16 |
No |
12.2(18)SXF10
12.4(11)T3
12.4(15)T3 |
EAL4 |
US Certificate |
Intrusion Detection System / Intrusion Prevention System
(IDS/IPS) |
Cisco IPS 4240, 4255, 4260 and 4270 Sensors |
|
6.0
6.2(1) |
EAL2 |
US Certificate |
| Cisco IDS 4215 and 4250 Sensors |
|
| Cisco IDSM2 Catalyst 6500 (Intrusion Detection/Prevention Module), AIM-IPS, NME-IPS |
|
| Cisco ASA 5000 family (5510, 5520, 5540) with SSM-AIP-10, SSM-AIP-20 |
|
| Cisco NM-CIDS |
|
| Cisco AIP-SSM-10, AIP-SSM-20, AIP-SSM-40 |
|
| Assurance Continuity Maintenance Report CCEVS-VR-07-0032a for Cisco IPS v6.2(1) IPS 4200 Series Sensors (IPS-4240, IPS-4255, IPS-4260, IPS-4270); Cisco AIP-SSM-10, AIP-SSM-20 and AIP-SSM-40; IDSM-2, AIM-IPS and NME-IPS |
|
| Intrusion Detection System (IDS) |
ISDM2 |
|
4.1(3) |
EAL2+ |
Certificate |
| IDS 4200 Series |
|
4.1(3) |
EAL2 |
Certificate |
| Internet Protocol Security (IPSec) |
1841 |
AIM-VPN/BPII-PLUS |
12.4(6)T3, 12,4(7), 12.2 (33)SRA |
EAL2 |
Certificate |
| 2801, 2811, 2821, 2851 |
AIM-VPN/EPII-PLUS |
| 3825 |
AIM-VPN/EPII-PLUS |
| 3845 |
AIM-VPN/HPII-PLUS |
| 7204, 7206, 7301 |
SA-VAM2 |
| 7600 (Cat 6500) |
SPA-IPSEC-2G |
| VPN 3K 3005, 3015, 3020, 3030, 3060, 3080 |
|
4.1.7.N (VPN 3K) |
EAL2 |
Certificate |
Cisco IPSec VPN Client
(Windows, Solaris, Linux) |
4.80 Windows/Linux, 4.6.02 Solaris |
| 3002 |
4.7.2D |
| 830 |
12.4(5a) [831, 837] |
| PIX 501 |
6.3(5) [PIX] |
| Movian Software Client |
4.0 |
| Host Intrusion Protection |
CSA |
|
4.5 |
EAL2 |
Certificate |
| Firewall Services Module (FWSM) |
Firewall Services Module |
|
3.1(4) |
EAL4 |
Certificate-Assurance Continuity |
| 3.1(3.17) |
EAL4 |
Certificate |
| Firewall/Private Internet eXchange (PIX) |
PIX 515, 515E, 520, 525 & 535 (with VAC+) ASA 5510, 5520, 5540 |
|
7.0(6) |
EAL4 |
Certificate |
| 501,506, 506E, 515, 515E, 520, 525, & 535 |
|
6.2(2) |
EAL4 |
Certificate |
| Internet Operating System (IOS/Firewall) |
870, 1800, 2800, 3800, 7200 and 7301 |
|
12.3(14)T, 12.4(4)T |
EAL4 |
Certificate |
| Internet Operating System / Internet Protocol Security (IOS/IPSec) |
1720, 1721, 1760 |
MOD1700-VPN |
12.3(6a) |
EAL4 |
Certificate |
| 2610XM, 2611XM, 2620XM, 2621XM, 2650XM, 2651XM |
AIM-VPN/EP or AIM-VPN/BPII |
| 3660 |
AIM-VPN/HP |
| 3725 |
AIM-VPN/EPII |
| 3745 |
AIM-VPN/HPII |
| 7204, 7206 |
VAM2 |
| 7301 |
VAM2 |
| Internet Operating System / Internet Protocol Security (IOS/IPSec) |
1720, 1750 |
MOD1700-VPN |
12.2(6) |
EAL4 |
|
| 2610, 2611, 2612, 2613, 2620, 2621 |
AIM-VPN/BP |
12.2(6) |
EAL4 |
|
| 3620, 3640 |
NM-VPN/MP |
12.2(6) |
EAL4 |
|
| 3660 |
AIM-VPN/HP |
12.2(6) |
EAL4 |
|
| 7120, 7140 |
SM-ISM or SA-ISA |
12.2(6) |
EAL4 |
|
| SM-VAM(2) or SA-VAM(2) |
12.2(10)E |
EAL4 |
|
| 7204, 7206 |
SA-ISA |
12.2(6) |
EAL4 |
|
| SA-VAM(2) |
12.2(10)E |
EAL4 |
|
Intrusion Prevention System
(IPS) |
Cisco 871, 876, 877, 851, 851W, 857, 857W |
Built In |
12.4(6)T3 |
EAL2 |
Australian Certificate |
| Cisco 1801, 1801, 1803, 1811, 1812 |
Built In |
| Cisco 1841 |
AIM-VPN/BPII-PLUS |
12.4(7) |
| Cisco 2801, 2811, 2821, 2851 |
AIM-VPN/EPII-PLUS |
| Cisco 3825 |
AIM-VPN/EPII-PLUS |
| Cisco 3845 |
AIM-VPN/HPII-PLUS |
| Cisco 7204, 7206, 7301 |
SA-VAM2+ |
| Cisco 7600 (CAT6500): models include any 6500/7600 with Sup Engine 720, 720-3B or 720-3BXL |
SPA-IPSEC-2G |
12.2 (33)SRA |
| Voice over Internet Protocol (VoIP) |
Cisco VoIP Telephony System |
|
Cisco IP Telephone 7960, 7.0(2) |
EAL1 |
Certificate |
| Cisco IP Telephone 7970G, 6.0(2) |
| Cisco CallManager, 4.1(2) |
| Cisco Unity, 4.0(4) |
| Cisco 2651XM-V, 12.3(10) |
| MultiService Provisioning Platform (MSPP) |
Cisco ONS 15454 SONET Multiservice Provisioning Platform (MSPP) and Cisco ONS 15454 SDH Multiservice Provisioning Platform (MSPP) |
n/a |
4.1.3 |
EAL2 |
Certificate |
Wide Area Application Services
(WAAS) |
Cisco Wide Area Application Services
Wide Area Application Engine (WAE) 512, 612, 674, 7341 & 7371
Cisco NME-WAE 502
Cisco NME WAE 522 |
No |
4.1.5 |
EAL4 |
US Certificate |
Cisco Adaptive Security Appliances (ASA) Firewall
and Virtual Private Network (VPN) |
ASA 5500 & 5585 Series Security Appliances including:
Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580-20, 5580-40,
5585-S10, 5585-S20, 5585-S40, and 5585-S60 |
Support single or multiple contexts, routed or transparent mode, and support interoperability with Cisco or non-Cisco components including: peer- to-peer VPN gateways over IPsec; clientless SSL VPN over TLS; syslog servers over TLS; AAA servers using RADIUS and/or TACACS+; peer Certificate Authorities using OCSP; and time servers supporting NTPv3 |
Cisco ASA Release 8.4(4.1) |
EAL4+ |
AU/NZ Certificate 2012/8282 |
|
Note:
1) Cisco 7100 and 7200 routers without optional IPSec hardware acceleration modules can be configured with either the 12.2(6) or 12.1(10)E software release.
2) Cisco 7100 or 7200 router equipped with an SM-VAM or SA-VAM does not support RSA public/private keys pairs for IKE authentication. |
|