Updated as of 7/15/2008
Cisco continues to be a global leader in completing and pursuing Common Criteria evaluations; below are current, completed certifications as well as those evaluations which are not yet finalized.
For more information about Common Criteria, please go to: www.niap-ccevs.org and www.commoncriteriaportal.org
Table 1. Cisco Common Criteria Current Certifications
| IOS AAA |
Wireless (1100, 1200, 1400, 3200, MWR), Access Servers (5350, 5400, 5850), Integrated Access Device (AD2430), with Cisco Secure Access Control Server (ACS) for Windows |
None |
Various |
EAL3 |
Certificate |
| Catalyst Switches (2900, 3500, 3700, 4500, 4948, 6500) and Cisco Secure ACS for Windows 4.1.4.13 |
None |
Various |
EAL3 |
Certificate |
| Routers: 800, 1700, 1800, 2600XM,2800, 3700, 3800, 7200, 7300, 7400, 7600; 10000 and 12000 and Cisco Secure ACS version 4.1.2.12 |
None |
Various |
EAL3 |
Certificate |
| IOSIPSEC |
IOS IPSEC on the Integrated Services Routers, VPN Services Module (VPNSM) and IPSec VPN Shared Port Adapter (SPA) including VLAN separation |
None |
12.4(11)T3 and 12.2(18)SXF10 |
EAL4 |
Certificate |
| IPS |
IPS 4240, 4255 and 4260 Sensors |
|
V6.0 |
EAL2 |
Certificate |
| IDS 4215 and 4250 Sensors |
|
| IDSM2 Catalyst 6500 Intrusion Detection/Prevention Module |
|
| ASA family (5510, 5520, 5540) with SSM-AIP-10, SSM-AIP-20 |
|
| NM-CIDS |
|
| IDS |
ISDM2 |
|
4.1(3) |
EAL2+ |
Certificate |
| IDS 4200 Series |
|
4.1(3) |
EAL2 |
Certificate |
| IPSEC |
1841 |
AIM-VPN/BPII-PLUS |
12.4(6)T3, 12,4(7), 12.2 (33)SRA |
EAL2 |
Certificate |
| 2801, 2811, 2821, 2851 |
AIM-VPN/EPII-PLUS |
| 3825 |
AIM-VPN/EPII-PLUS |
| 3845 |
AIM-VPN/HPII-PLUS |
| 7204, 7206, 7301 |
SA-VAM2 |
| 7600 (Cat 6500) |
SPA-IPSEC-2G |
| IPSEC |
VPN 3K 3005, 3015, 3020, 3030, 3060, 3080 |
|
4.1.7.N (VPN 3K) |
EAL2 |
Certificate |
| Cisco IPSec VPN Client (Windwos, Solaris, Linux) |
4.80 Windows/Linux, 4.6.02 Solaris |
| 3002 |
4.7.2D |
| 830 |
12.4(5a) [831, 837] |
| PIX 501 |
6.3(5) [PIX] |
| Movian Software Client |
4.0 |
| Host Intrusion Protection |
CSA |
|
4.5 |
EAL2 |
Certificate |
| FWSM |
Firewall Services Module |
|
3.1(4) |
EAL4 |
Certificate-Assurance Continuity |
| 3.1(3.17) |
EAL4 |
Certificate |
| Firewall/PIX |
PIX 515, 515E, 520, 525 & 535 (with VAC+) ASA 5510, 5520, 5540 |
|
7.0(6) |
EAL4 |
Certificate |
| 501,506, 506E, 515, 515E, 520, 525, & 535 |
|
6.2(2) |
EAL4 |
Certificate |
| IOS/Firewall |
870, 1800, 2800, 3800, 7200 and 7301 |
|
12.3(14)T, 12.4(4)T |
EAL4 |
Certificate |
| IOS/IPSEC |
1720, 1721, 1760 |
MOD1700-VPN |
12.3(6a) |
EAL4 |
Certificate |
| 2610XM, 2611XM, 2620XM, 2621XM, 2650XM, 2651XM |
AIM-VPN/EP or AIM-VPN/BPII |
| 3660 |
AIM-VPN/HP |
| 3725 |
AIM-VPN/EPII |
| 3745 |
AIM-VPN/HPII |
| 7204, 7206 |
VAM2 |
| 7301 |
VAM2 |
| IOS/IPSec |
1720, 1750 |
MOD1700-VPN |
12.2(6) |
EAL4 |
Certificate |
| 2610, 2611, 2612, 2613, 2620, 2621 |
AIM-VPN/BP |
12.2(6) |
EAL4 |
Certificate |
| 3620, 3640 |
NM-VPN/MP |
12.2(6) |
EAL4 |
Certificate |
| 3660 |
AIM-VPN/HP |
12.2(6) |
EAL4 |
Certificate |
| 7120, 7140 |
SM-ISM or SA-ISA |
12.2(6) |
EAL4 |
Certificate |
| SM-VAM(2) or SA-VAM(2) |
12.2(10)E |
EAL4 |
Certificate |
| 7204, 7206 |
SA-ISA |
12.2(6) |
EAL4 |
Certificate |
| SA-VAM(2) |
12.2(10)E |
EAL4 |
Certificate |
| VoIP |
Cisco VoIP Telephony System |
|
Cisco IP Telephone 7960, 7.0(2) |
EAL1 |
Certificate |
| Cisco IP Telephone 7970G, 6.0(2) |
| Cisco CallManager, 4.1(2) |
| Cisco Unity, 4.0(4) |
| Cisco 2651XM-V, 12.3(10) |
| MSPP |
Cisco ONS 15454 SONET Multiservice Provisioning Platform (MSPP) and Cisco ONS 15454 SDH Multiservice Provisioning Platform (MSPP) |
n/a |
4.1.3 |
EAL2 |
Certificate |
| Note:
1) Cisco 7100 and 7200 routers without optional IPSec hardware acceleration modules can be configured with either the 12.2(6) or 12.1(10)E software release.
2) Cisco 7100 or 7200 router equipped with an SM-VAM or SA-VAM does not support RSA public/private keys pairs for IKE authentication. |
Table 2. Common Criteria in Progress Evaluations
| Firewall / PIX |
Assurance Maintenance on NIAP VID #6016 |
None |
EAL4 |
| * Pix 515/515E, 525, 535 |
| * ASA 5505, 5510, 5520, 5540, 5550 |
| Firewall |
Cisco ACE XML Gateway and Manager |
None |
EAL3 |
| VPN |
ASA 5505, 5510, 5520, 5540, 5550 |
None |
EAL4 |
| Cisco IPSec VPN Client (Windows) |
| Cisco SSL VPN Client (Windows) |
| AAA |
Catalyst Switches (2940, 2950, 2955, 2970, 3500, 3700, 4000, 4500, 4948, 6500, 8500) |
None |
EAL3 |
| Routers (800, 1700, 1800, 2500, 2600, 2600XM, 2800, 3600, 3700, 3800, 6400, 7200, 7300, 7400, 7500, 10000, 12000, SOHO, UBR) |
None |
EAL3 |
| Wireless (350, 1100, 1200, 1400, 3200, MWR) Cisco Switches (MGX, IGX, NI2) Cisco Devices (IAD, ICS) Cisco (ONS) and Cisco Access Servers (5300, 5400, 5800) |
None |
EAL3 |
| Wireless |
Cisco 4400 Series WLAN Controllers, Cisco Catalyst 6500 Series Wireless Services Module (WiSM), Cisco Aironet LWAPP 1130, 1230, and 1242 Series AP's, Cisco Wireless Control System (WCS), Cisco 2710 Location Appliance, and Cisco Secure ACS |
U.S. Government Protection Profile Wireless LAN Access System Basic Robustness Version 1.1 |
EAL2+ |
| SIM |
CS-MARS (25R, 25, 55, 110R, 110, 210, GC2R, GC2) |
None |
EAL2 |
| CS-MARS Local Controller and Global Controller |
| WAAS |
Cisco Wide Area Application Services Version 4.0, Wide Area Application Engine 512, 612 and 7327, and NME-WAE Network Module |
None |
EAL4 |
| Network Management |
CIC |
None |
EAL2 |
| Storage |
MDS 9000 |
None |
EAL3 |
For more information about Common Criteria, please go to: www.niap-ccevs.org and www.commoncriteriaportal.org
|
(PDF - 500 KB)