Worldwide [change] |Account |Register |About Cisco
Guest

Hierarchical Navigation

Industry Solutions

Cisco FIPS 140
Download

Download the PDF Version (PDF - 262 KB)

Updated as of 10/01/2009

Cisco is dedicated to information assurance and complying to standards for both product depth and breadth. Cisco is a leader in securing FIPS 140 validations. The following tables provide current CMVP certifications, and those Cisco is currently pursuing with CMVP for FIPS 140.

For more information on FIPS 140, please visit: http://csrc.nist.gov/groups/STM/cmvp/index.html

Table 1. Current FIPS 140 Certifications

Product IPSec Acceleration Module FIPS Level / Security Policy Software Version Certification
Cisco Catalyst 6506, Catalyst 6506E, Catalyst 6509 and Catalyst 6509E Switch with Catalyst 6500 Series VPN Services Port Adapter (ws-ipsec-2 and ws-ipsec3) IPSec VPN SPA FIPS 140-2 Level 2 Firmware Versions: Modular IOS 12.2(33)SXI and 12.2(33)SXI1 Certificate #1155
FIPS 140-2 Level 2 IOS 12.2(33)SXI and IOS 12.2(33)SXI1 Certificate #1153
Cisco Unified Wireless IP Phone 7921G and 7925G None FIPS 140-2 Level 2 1.3 (2) Certificate #1148
Cisco ASA 5505, 5510, 5520, 5540 and 5550 Security Appliances None FIPS 140-2 Level 2 8.0.4.16; 8.0.4.28 Certificate #1141
Cisco 3271 High Performance Mobile Access Router Card HMARC None FIPS 140-2 Level 2 12.4(15)T7 Certificate #1139
Cisco 3825 and Cisco 3845 Integrated Services Routers None FIPS 140-2 Level 2 12.4(15)T3 Certificate #1040
Cisco 2851 Integrated Services Routers None FIPS 140-2 Level 2 12.4(15)T3 Certificate #1039
Cisco 2811 and Cisco 2821 Integrated Services Routers None FIPS 140-2 Level 2 12.4(15)T3 Certificate #1038
Cisco 1841 and Cisco 2801 Integrated Services Routers None FIPS 140-2 Level 2 12.4(15)T3 Certificate #1037
Cisco 1841 Integrated Services Router
Cisco 2801 Integrated Services Router		 AIM-VPN/BPII-Plus
AI-VPN/EPII Plus		 FIPS 140-2 Level 2 12.4(15)T3 Certificate #1036
Cisco 2811 and 2821 Integrated Service Routers AIM-VPN/EPII-Plus FIPS 140-2 Level 2 12.4(15)T3 Certificate #1035
Cisco 2851 Integrated Services Router AIM-VPN/EPII-Plus FIPS 140-2 Level 2 12.4(15)T3 Certificate #1034
Cisco 3825 Integrated Services Router
Cisco 3845 Integrated Services Router		 AIM-VPN/EPII-Plus
AIM-VPN/HPII-Plus		 FIPS 140-2 Level 2 12.4(15)T3 Certificate #1033
Cisco 1841 Integrated Services Router
Cisco 2801 Integrated Services Router		 AIM-VPN/SSL-1
AIM-VPN/SSL-2		 FIPS 140-2 Level 2 12.4(15)T3 Certificate #1031
Cisco 2811 and Cisco 2821 Integrated Services Router AIM-VPN/SSL-2 FIPS 140-2 Level 2 12.4(15)T3 Certificate #1030
Cisco 3825 and Cisco 3845 Integrated Services Router AIM-VPN/SSL-3 FIPS 140-2 Level 2 12.4(15)T3 Certificate #1029
Cisco 2851 Integrated Service Router AIM-VPN/SSL-2 FIPS 140-2 Level 2 12.4(15)T3 Certificate #1028
Cisco Secure Services Client FIPS Module None FIPS 140-2 Level 1 1.0.0.0 Certificate #1016
Cisco 3201 Wireless Mobile Interface card with thermal plates None FIPS 140-2 Level 2 S3201W7K9-12308JK Certificate #975
Cisco MDS 9506, 9509, MDS 9513, Cisco MDS 9216i (w/ 14/2 line card), MDS 9216i (w/o 14/2 line card) Multilayer SAN Switches None FIPS 140-2 Level 2 3.2 (2) Certificate #969
Cisco Catalyst 3750G None FIPS 140-2 Level 2 4.1.171.0
4.1.1.85.10		 Certificate #958
Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Module (WiSM) None FIPS 140-2 Level 2 12.2(18)SXF7
4.1.171.0
4.1.185.10		 Certificate #957
Cisco 4402 and 4404 Wireless LAN Controllers None FIPS 140-2 Level 2 4.1.171.0
4.1.185.10		 Certificate #955
Cisco Secure ACS FIPS Module 1.1 None FIPS 140-2 Level 1 4.1.2
4.1.4
4.2		 Certificate # 948
Cisco Aironet LWAPP AP1131AG and AP1242AG Wireless LAN Access Points None FIPS 140-2 Level 2 4.1.171.0
4.1.185.10		 Certificate #913
ASA 5505 and 5550 None FIPS 140-2 Level 2 7.2.2.18
7.2.4.18
7.2.4.30		 Certificate #906
PIX 515 and PIX 515E None FIPS 140-2 Level 2 7.2.2.18 Certificate #879
7206VXR NPE-G1, 7206VXR NPE-G2 and 7301 with VAM2+ and 7206VXR NPE-G2 with VSA VAM2+ FIPS 140-2 Level 2 12.4(11)T1 Certificate #877
PIX 525 and 535 None FIPS 140-2 Level 1 7.2.2.18 Certificate #872
ASA 5510, ASA 5520, ASA 5540 None FIPS 140-2 Level 2 7.2.2.18
7.2.2.27
7.2.4.18
7.2.4.30		 Certificate #821
PIX 525, PIX 535 None FIPS 140-2 Level 2 7.0.4 Certificate #758
Cisco WiSM, [Wireless Service Module], with Catalyst 6506 and 6509, Supervisor 720 None FIPS 140-2 Level 2 3.2.116.21 Certificate #729
Cisco Integrated Service Router 871,876,877,878 None FIPS 140-2 Level 2 12.4(4)T2 Certificate #707
Cisco 1801, 1802, 1803, 1811 and 1812 Integrated Services Routers Fixed Configuration Models None FIPS 140-2 Level 2 12.4(4)T2 Certificate #702
Cisco Aironet AP1131AG, AP1232AG, and AP1242AG Wireless Access Points and BR1310G Wireless Bridge None FIPS 140-2 Level 2 12.3(8)JA2 Certificate #701
Cisco Aironet LWAPP AP1131AG, AP1231G, AP1232AG, AP1242AG Wireless Access Points None FIPS 140-2 Level 2 3.2.116.21 Certificate #695
Wireless LAN Controllers (4402, 4404) None FIPS 140-2 Level 2 3.2.116.21 Certificate #693
Cisco Catalyst 6509, 6506, 6509E, 6506E, 7606 and 7609 Routers with VPNSM VPNS FIPS 140-2 Level 2 12.2(18)SXE2 Certificate #676
7206VXR NPE-G1 and 7301 (with VAM2+) NPE-G1 FIPS 140-2 Level 2 12.3(11) T10 Certificate #673
Cisco Catalyst 6509, 6506, 6509E, 6506E, 7606 and 7609 Routers VPN Shared Port Adapter FIPS 140-2 Level 2 12.2(18)SXE2 Certificate #658
PIX 515, PIX 515E VAC+ FIPS 140-2 Level 2 7.0(4) Certificate #656
ASA 5510, ASA 5520, ASA 5540 None FIPS 140-2 Level 2 7.0(4) Certificate #655
Cisco 3251 Mobile Access Router None FIPS 140-2 Level 2 12.3(14)T2 Certificate #633
Cisco 3220 Mobile Access Router Card None FIPS 140-2 Level 1 12.3(14)T2 Certificate #632
1841 / 2801 Integrated Services Router AIM-VPN/BPII-Plus, AIM- VPN/EPII-Plus FIPS 140-2 Level 2 12.3(11)T03 Certificate #620
2851 Integrated Services Router AIM-VPN/EPII-Plus FIPS 140-2 Level 2 12.3(11)T03 Certificate #619
3825 / 3845 Integrated Services Router AIM-VPN/EPII-Plus, AIM-VPN/HPII-Plus FIPS 140-2 Level 2 12.3(11)T03 Certificate #618
2811 and Cisco 2821 Integrated Services Router AIMVPN/ EPII-Plus FIPS 140-2 Level 2 12.3(11)T03 Certificate #617
1841 and Cisco 2801 Integrated Services Router Onboard FIPS 140-2 Level 2 12.3(11)T03 Certificate #616
2851 Integrated Services Router Onboard FIPS 140-2 Level 2 12.3(11)T03 Certificate #613
2811 / 2821 Integrated Services Router Onboard FIPS 140-2 Level 2 12.3(11)T03 Certificate #612
3825 / 3845 Integrated Services Router Onboard FIPS 140-2 Level 2 12.3(11)T03 Certificate #596
831 n/a FIPS 140-2 Level 2 12.3(8)T5 Certificate #518
2621XM, 2651XM AIM-VPN/EP FIPS 140-2 Level 2 12.3(3d) Certificate #438
3220 and 3251 Mobile Access Router n/a FIPS 140-2 Level 1 12.2(11r)YQ4 Certificate #432
Catalyst 6509 Switch and 7606 and 7609 Router with VPN Services Module n/a FIPS 140-2 Level 2 12.2(14)SY3 Certificate #429
7206 VXR NPE-G1 VAM2 and Dual VAM2 FIPS 140-2 Level 2 12.3(3d) Certificate #428
3745 AIM-VPN/HPII FIPS 140-2 Level 2 12.3(3d) Certificate #427
2691, 3725 AIM-VPN/EPII FIPS 140-2 Level 2 12.3(3d) Certificate #427
1721, 1760 MOD1700-VPN FIPS 140-2 Level 2 12.3(3d) Certificate #426
7206 VXR NPE-400 VAM FIPS 140-2 Level 2 12.3(3d) Certificate #423
1721, 1760, 2621XM, 2651XM, 2691, 3725, 3745, 7206-VXR NPE-400 (all non-accelerated) n/a FIPS 140-2 Level 2 12.3(3d) Certificate #422
VPN 3005, 3015, 3030, 3060, 3080 n/a FIPS 140-2 Level 2 3.6.7.F Certificate #421
VPN Client n/a FIPS 140-2 Level 1 3.6.5 Certificate #407
VPN 3002, 3002-8E n/a FIPS 140-2 Level 2 3.6.7.F Certificate #388
CSS 11000 Series n/a FIPS 140-2 Level 2 4.1 Certificate #340
VPN 3002, 3002-8E n/a FIPS 140-1 Level 2 3.1 Certificate #211
VPN 3005, 3015, 3030, 3060, 3080 n/a FIPS 140-1 Level 2 3.1 Certificate #210
2621, 2651 AIM-VPN/BP FIPS 140-1 Level 2 12.1(5)T Certificate #196
2621, 2651   FIPS 140-1 Level 2 12.1(5)T Certificate #194
7206VXR NPE-400 SA-ISA FIPS 140-1 Level 2 12.1(9)E Certificate #193
7206VXR NPE-400   FIPS 140-1 Level 2 12.1(9)E Certificate #192
7140 SM-ISM and SA-ISA FIPS 140-1 Level 2 12.1(9)E Certificate #191
7140   FIPS 140-1 Level 2 12.1(9)E Certificate #190
3640, 3660 NM-VPN/MP, AIM-VPN/HP FIPS 140-1 Level 2 12.1(5)T Certificate #189
3640, 3660   FIPS 140-1 Level 2 12.1(5)T Certificate #188

*Validated to Level 2 for all sections except Physical Security, which meet Level 1 requirements. This gives an overall Level 1 rating, but the Level 2 rating for all other sections is shown with the FIPS validation certificate.

Additionally, here is a link to the FIPS validated images on CCO: http://www.cisco.com/cgi-bin/tablebuild.pl/ifge0mdspif1.

Cisco sells FIPS kits that contain tamper-evidence labels and instructions on where to download the FIPS approved images and Security Policies. The part numbers for the FIPS kits are as follows:

  • CVPN2600FIPS/KIT
  • CVPN3600FIPS/KIT
  • CVPN7100FIPS/KIT
  • CVPN7200FIPS/KIT
  • CVPN3000FIPS/KIT

Table 2. FIPS 140 Validations in Progress

Technology Product Testing Status Level
ISRs Cisco Integrated Services Router: 881, 881G and 891 In Lab, On Pre-Val list FIPS 140-2 Level 2
ASRs Cisco Aggregation Services Router: ASR 1002, ASR 1004, ASR 1006 In Lab, On Pre-Val List FIPS 140-2 Level 2
Data Center Cisco Nexus 7K In Lab on Pre-Val List FIPS 140-2 Level 2
Wireless Cisco Aironet Lightweight AP 1131, AP1142, AP1242, AP1252, AP1522 Wireless LAN Access Points Finalization FIPS 140-2 Level 2
Storage MDS 18/4-Port Multiservice FIPS Module In lab, on Pre-Val List FIPS 140-2 Level 2

Let Us Help




Related Links

Ad Banner