Cisco continues to be a global leader in completing and pursuing Common Criteria evaluations; below are current, completed certifications as well as those evaluations which are not yet finalized.
For more information about Common Criteria, please go to: www.niap-ccevs.org and www.commoncriteriaportal.org
Table 1. Common Criteria Current Certifications
| Data Center |
Cisco Nexus 7000 Series Switch (7010, 7018) and Secure Access Control Server (ACS) |
|
0.6(1)
0.5(2) |
|
Collateral 1
Collateral 2 |
| Unified Computing |
Cisco UCS B200 M1 and M2, B250 M1 and M2, and B440 M1 Blade Servers; Cisco UCS C200 M1 and M2, C210 M1 and M2, C250 M1 and M2, and C460 M1 Rack-Mount Servers; Cisco UCS 6120XP and 6140XP Fabric Switches; Cisco UCS 2104XP and 2248TP Fabric Extenders |
No |
1.4(1) |
EAL4 |
Certificate |
Aggregation Services Router (ASR)
Carrier Routing System (CRS) |
Cisco Aggregation Services Router (ASR) 9000 series, Cisco Carrier Routing System (CRS) routers CRS-1 and CRS-3 |
No |
IOS XR v4.1.1 |
EAL3 |
Certificate
Collateral |
| Data Center |
Cisco Nexus 5000 Series Switch (5010, 5020, 5548P, 5596UP) with Nexus 2000
Series Fabric Extenders (2148T, 2224TP, 2248TP, 2232PP)
and Secure Access Control Server (ACS) |
No |
NX-OS 5.x ACS 5.2 Patch 3 |
EAL4 |
Certificate |
| Adaptive Security Appliance(ASA) |
Cisco Adaptive Security Appliance 5505, 5510, 5520, 5540, 5550, 5580-20, 5580-40
Cisco ASA Release 8.3.2
Cisco AnyConnect Release 2.5
Cisco VPN Client Release 5.0
Cisco Adaptive Security Device Manager (ASDM) 6.3.2
|
No |
8.3.2 |
EAL4+ |
Certificate |
| Integrated Service Router (ISR) |
Cisco Integrated Service Routers (ISR): Cisco 800 Series
Cisco 800 Series ISRs: 881, 881G and 891
Cisco 1900 Series ISRs: 1905, 1921, and 1941
Cisco 2900 Series ISRs: 2901, 2911 2921 and 2951
Cisco 3900 Series ISRs: 3925, 3925E, 3945 and 3945E
running IOS 15.1(2)T3 |
No |
15.1(2)T3 |
EAL4+ |
Certificate |
| Data Center |
Cisco Nexus 7000 Series Switch (7010, 7018) and Secure Access Control Server (ACS) |
None |
NX-OS version 5.1(1a), ACS version 5.2 P3 |
EAL4 |
Certificate |
| Embedded Services Router (ESR) |
Cisco 5940 Series Embedded Services Router (ESR) running IOS 15.1.2GC2 |
Yes (pp_fw_tf_br_v1.1) |
|
EAL2 |
|
| Firewall, Router, VPN |
Cisco Aggregation Services Router (ASR) 1000 Series (ASR 1002,
ASR 1002f, ASR 1004, ASR 1006) running Cisco IOS XE 2.4.2t |
No |
|
EAL4 |
|
| IronPort |
IronPort Web Security Appliance (WSA), S-Series (S160, S350 & S660) running AsyncOS 5.6.1 |
No |
5.6.1 |
EAL2 |
Certificate |
| Virtual Private Network (VPN) |
ASA 5500 Series (5505, 5510, 5520, 5540, 5550); Cisco VPN Client |
None |
7.2.4.18; 7.2.4.30
VPN Client: 5.0.03.0560; 5.0.05.0290 |
EAL4 |
Certificate-
Assurance Continuity |
| Wireless |
Cisco Unified Wireless Communications [WLAN] Cisco 4400 Series WLAN Controllers, Cisco Catalyst 6500 Series Wireless Services Module (WiSM), Cisco Aironet LWAPP 1130, 1230, and 1242 Series AP's, Cisco Wireless Control System (WCS), Cisco 2710 Location Appliance, and Cisco Secure ACS |
U.S. Government Protection Profile Wireless LAN Access System Basic Robustness Version 1.1 |
4.1.185.10 FIPS |
EAL2+ |
Certificate |
| Network Access Control (NAC) |
Cisco Network Admission Control (NAC) solution including the NAC Appliance
NAC Appliance network module (NME-NAC-K9) for Cisco Internet Services Routers (ISRs), NAC Agent, NAC Profiler and Cisco Secure Access Control Server (ACS v4.1.4.13) |
None |
12.4(11)T3 and 12.2(18)SXF10 |
EAL2 |
Certificate |
| Firewall |
Assurance Maintenance: NIAP #6016
PIX 515/515E, 525, 535;
ASA 5510/5520/5540 |
None |
7.2.(2)27 |
EAL4 |
Assurance Continuity |
| Storage |
MDS 9000 Family SAN-OS |
None |
3.2.(2c) |
EAL3 |
Certificate |
| Network Management |
Cisco Info Center v7.1 with Cisco WebTop v2.0 |
None |
7.1 |
EAL2 |
Certificate |
Security Management
Intrusion Detection System / Intrusion Prevention System (IPS/IDS) |
CS-MARS 110, 110R, Cisco Security MARS 210 and Cisco security MARS GC2 |
None |
5.2.4.2387 |
EAL2 |
Certificate |
| Firewall |
Cisco ACE XML Gateway and Manager |
None |
5.0.3 |
EAL3 |
Certificate |
| Secure Messaging |
IronPort Messaging Gateway (C150, C350, C600, C650, X1000 and X1050) |
None |
5.1.2 |
EAL2 |
Certificate |
| Internet Operating System / Authentication, Authorization, and Accounting (IOS AAA) |
Wireless (1100, 1200, 1400, 3200, MWR), Access Servers (5350, 5400, 5850), Integrated Access Device (AD2430), with Cisco Secure Access Control Server (ACS) for Windows |
None |
Various |
EAL3 |
Certificate |
| Catalyst Switches (2900, 3500, 3700, 4500, 4948, 6500) and Cisco Secure ACS for 4.1.4.13 |
None |
Various |
EAL3 |
Certificate |
| Routers: 800, 1700, 1800, 2600XM,2800, 3700, 3800, 7200, 7300, 7400, 7600; 10000 and 12000 and Cisco Secure ACS version 4.1.2.12 |
None |
Various |
EAL3 |
Certificate |
Internet Operating System / Internet Protocol Security
(IOS/IPSec) |
Cisco IOS IPSec on the Integrated Services Routers 870, 1800, 2800, 3800
Cisco 7204VXR, 7206VXR, 7301 with IOS 12.4(11)T3
Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
Cisco VPN Services Module (VPNSM)
Cisco IPSec VPN Shared Port Adapter (SPA) including VLAN separation
Assurance Continuity Maintenance Report CCEVS-VR-VID10116-2008 for Cisco IOS IPSec on the ISR, VPN Services Module, and IPSec VPN Shared Port Adaptor (SPA) including VLAN Separation with the following Cisco IOS releases: Cisco IOS 12.4(15)T10 and Cisco IOS 12.2(18)SXF 16 |
No |
12.2(18)SXF10
12.4(11)T3
12.4(15)T3 |
EAL4 |
US Certificate |
Intrusion Detection System / Intrusion Prevention System
(IDS/IPS) |
Cisco IPS 4240, 4255, 4260 and 4270 Sensors |
|
6.0
6.2(1) |
EAL2 |
US Certificate |
| Cisco IDS 4215 and 4250 Sensors |
|
| Cisco IDSM2 Catalyst 6500 (Intrusion Detection/Prevention Module), AIM-IPS, NME-IPS |
|
| Cisco ASA 5000 family (5510, 5520, 5540) with SSM-AIP-10, SSM-AIP-20 |
|
| Cisco NM-CIDS |
|
| Cisco AIP-SSM-10, AIP-SSM-20, AIP-SSM-40 |
|
| Assurance Continuity Maintenance Report CCEVS-VR-07-0032a for Cisco IPS v6.2(1) IPS 4200 Series Sensors (IPS-4240, IPS-4255, IPS-4260, IPS-4270); Cisco AIP-SSM-10, AIP-SSM-20 and AIP-SSM-40; IDSM-2, AIM-IPS and NME-IPS |
|
| Intrusion Detection System (IDS) |
ISDM2 |
|
4.1(3) |
EAL2+ |
Certificate |
| IDS 4200 Series |
|
4.1(3) |
EAL2 |
Certificate |
| Internet Protocol Security (IPSec) |
1841 |
AIM-VPN/BPII-PLUS |
12.4(6)T3, 12,4(7), 12.2 (33)SRA |
EAL2 |
Certificate |
| 2801, 2811, 2821, 2851 |
AIM-VPN/EPII-PLUS |
| 3825 |
AIM-VPN/EPII-PLUS |
| 3845 |
AIM-VPN/HPII-PLUS |
| 7204, 7206, 7301 |
SA-VAM2 |
| 7600 (Cat 6500) |
SPA-IPSEC-2G |
| VPN 3K 3005, 3015, 3020, 3030, 3060, 3080 |
|
4.1.7.N (VPN 3K) |
EAL2 |
Certificate |
Cisco IPSec VPN Client
(Windows, Solaris, Linux) |
4.80 Windows/Linux, 4.6.02 Solaris |
| 3002 |
4.7.2D |
| 830 |
12.4(5a) [831, 837] |
| PIX 501 |
6.3(5) [PIX] |
| Movian Software Client |
4.0 |
| Host Intrusion Protection |
CSA |
|
4.5 |
EAL2 |
Certificate |
| Firewall Services Module (FWSM) |
Firewall Services Module |
|
3.1(4) |
EAL4 |
Certificate-Assurance Continuity |
| 3.1(3.17) |
EAL4 |
Certificate |
| Firewall/Private Internet eXchange (PIX) |
PIX 515, 515E, 520, 525 & 535 (with VAC+) ASA 5510, 5520, 5540 |
|
7.0(6) |
EAL4 |
Certificate |
| 501,506, 506E, 515, 515E, 520, 525, & 535 |
|
6.2(2) |
EAL4 |
Certificate |
| Internet Operating System (IOS/Firewall) |
870, 1800, 2800, 3800, 7200 and 7301 |
|
12.3(14)T, 12.4(4)T |
EAL4 |
Certificate |
| Internet Operating System / Internet Protocol Security (IOS/IPSec) |
1720, 1721, 1760 |
MOD1700-VPN |
12.3(6a) |
EAL4 |
Certificate |
| 2610XM, 2611XM, 2620XM, 2621XM, 2650XM, 2651XM |
AIM-VPN/EP or AIM-VPN/BPII |
| 3660 |
AIM-VPN/HP |
| 3725 |
AIM-VPN/EPII |
| 3745 |
AIM-VPN/HPII |
| 7204, 7206 |
VAM2 |
| 7301 |
VAM2 |
| Internet Operating System / Internet Protocol Security (IOS/IPSec) |
1720, 1750 |
MOD1700-VPN |
12.2(6) |
EAL4 |
Certificate |
| 2610, 2611, 2612, 2613, 2620, 2621 |
AIM-VPN/BP |
12.2(6) |
EAL4 |
Certificate |
| 3620, 3640 |
NM-VPN/MP |
12.2(6) |
EAL4 |
Certificate |
| 3660 |
AIM-VPN/HP |
12.2(6) |
EAL4 |
Certificate |
| 7120, 7140 |
SM-ISM or SA-ISA |
12.2(6) |
EAL4 |
Certificate |
| SM-VAM(2) or SA-VAM(2) |
12.2(10)E |
EAL4 |
Certificate |
| 7204, 7206 |
SA-ISA |
12.2(6) |
EAL4 |
Certificate |
| SA-VAM(2) |
12.2(10)E |
EAL4 |
Certificate |
Intrusion Prevention System
(IPS) |
Cisco 871, 876, 877, 851, 851W, 857, 857W |
Built In |
12.4(6)T3 |
EAL2 |
Australian Certificate |
| Cisco 1801, 1801, 1803, 1811, 1812 |
Built In |
| Cisco 1841 |
AIM-VPN/BPII-PLUS |
12.4(7) |
| Cisco 2801, 2811, 2821, 2851 |
AIM-VPN/EPII-PLUS |
| Cisco 3825 |
AIM-VPN/EPII-PLUS |
| Cisco 3845 |
AIM-VPN/HPII-PLUS |
| Cisco 7204, 7206, 7301 |
SA-VAM2+ |
| Cisco 7600 (CAT6500): models include any 6500/7600 with Sup Engine 720, 720-3B or 720-3BXL |
SPA-IPSEC-2G |
12.2 (33)SRA |
| Voice over Internet Protocol (VoIP) |
Cisco VoIP Telephony System |
|
Cisco IP Telephone 7960, 7.0(2) |
EAL1 |
Certificate |
| Cisco IP Telephone 7970G, 6.0(2) |
| Cisco CallManager, 4.1(2) |
| Cisco Unity, 4.0(4) |
| Cisco 2651XM-V, 12.3(10) |
| MultiService Provisioning Platform (MSPP) |
Cisco ONS 15454 SONET Multiservice Provisioning Platform (MSPP) and Cisco ONS 15454 SDH Multiservice Provisioning Platform (MSPP) |
n/a |
4.1.3 |
EAL2 |
Certificate |
Wide Area Application Services
(WAAS) |
Cisco Wide Area Application Services
Wide Area Application Engine (WAE) 512, 612, 674, 7341 & 7371
Cisco NME-WAE 502
Cisco NME WAE 522 |
No |
4.1.5 |
EAL4 |
US Certificate |
|
Note:
1) Cisco 7100 and 7200 routers without optional IPSec hardware acceleration modules can be configured with either the 12.2(6) or 12.1(10)E software release.
2) Cisco 7100 or 7200 router equipped with an SM-VAM or SA-VAM does not support RSA public/private keys pairs for IKE authentication. |
|
