Cisco products, software, and technology (Cisco products) are subject to export controls under the laws and regulations of the United States (U.S.), the European Union (EU), and any other applicable countries’ export laws and regulations. Export, re-export, transfer, and use of Cisco products may require obtaining U.S. and local authorizations, permits, or licenses.
Cisco products are controlled under the U.S. Export Administration Regulations and Wassenaar Arrangement as telecommunications/networking equipment in category 5, part 2. The classification of Cisco’s products and CCATs can be retrieved from Cisco's Public Export Product Data Tool.
Cisco products may not be exported or re-exported to embargoed destinations: Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions. Cisco products may not be delivered to individuals or entities listed as under restrictions by the U.S. government or other applicable countries of export without first obtaining a license.
Cisco products may not be used directly or indirectly for uses inconsistent with their original design and intended applications (e.g., communications and network management).
As a U.S. company, Cisco is obliged to comply with U.S. anti-boycott laws and refuse to participate in foreign boycotts that the United States does not sanction.
Exporters, distributors, customers, and users of Cisco products are responsible for compliance with U.S. and local country export/import laws and regulations.
In the U.S., the export, re-export, and in-country transfer of controlled goods, software, and technology (dual-use items) are controlled by a branch of the U.S. Department of Commerce known as the Bureau of Industry and Security through the Export Administration Regulations (EAR).
In the EU, the export of dual-use items are controlled under EU Regulation 2021/821, setting up a community regime for the control of exports, transfer, brokering, and transit of dual-use items.
Cisco reviews all of its products prior to export and classifies them in accordance with the U.S. Export Administration Regulations (EAR).
Once a review has been completed, products may become eligible for a particular license exception, such as ENC, and this exception may then be used by other exporters, as provided by EAR.
Cisco solutions and products specified by EAR740.17(b)(1) or EAR740.17(b)(3) may be exported and re-exported under License Exception ENC to most civilian, commercial, and government end users located in all territories, with the exception of embargoed destinations and countries designated as supporting terrorist activities. The countries listed in part 746 of EAR as embargoed destinations requiring a license are: Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions.
Cisco's encryption solutions and products specified by EAR740.17(b)(2) have undergone a one-time review by the U.S. government and may be exported or re-exported under License Exception ENC to most civilian, commercial, and less-sensitive government end users (for definition see part 772 of EAR) located in all territories except the embargoed destinations and countries designated as supporting terrorist activities (i.e., Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions). Exports and re-exports to more-sensitive government entities (see part 772 EAR) not located in the following countries may require a U.S. export license: Australia, Austria, Belgium, Bulgaria, Canada, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Japan, Latvia, Lithuania, Luxembourg, Malta, Netherlands, New Zealand, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey, United Kingdom, and the United States.
Mass-market products generally do not require a license under U.S., EU, and most local laws (except when exporting to embargoed destinations). Mass-market products are exported from the U.S. under the designation “No License Required” (NLR).
All transactions must undergo a compliance check to ensure that none of the parties to an order are listed on any applicable sanctioned or denied entity list. Please review the U.S. Bureau of Industry and Security Lists of Parties of Concern.
No Cisco products are regulated by the International Traffic in Arms Regulations (ITAR).
Under EU export control laws exports of dual-use encryption items outside the EUrequire a license.
The U.S. Commerce Department Bureau of Industry and Security website provides U.S. export guidance at https://www.bis.doc.gov/index.php/regulations/commerce-control-list-ccl.
Non-U.S. and U.S. companies re-exporting Cisco products or technology must comply with both their local export regulations and with the U.S. re-export regulations. Guidance regarding re-exports and other offshore transactions involving U.S. origin items can be found at https://www.bis.doc.gov/index.php/licensing/reexports-and-offshore-transactions.
The European Commission provides information about EU export control regulations at https://ec.europa.eu/trade/import-and-export-rules/export-from-eu/dual-use-controls/.
Further guidance published by some EU member states can be found at: