This page was not yet optimized for use on mobile devices.
Cisco ISR 4000 Series Routers with MACSEC
Certificate #4651
Webpage information ?
Document information ?
Security policy
Symmetric Algorithms
AES-, AES, AES-256, RC4, DES, Triple-DES, HMAC, CMACAsymmetric Algorithms
RSA 2048, ECDH, ECDSA, ECC, Diffie-Hellman, DHHash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5Schemes
MAC, Key ExchangeProtocols
SSH, TLS, IKE, IKEv2, IPsec, VPNRandomness
DRBG, RNGElliptic Curves
P-256, P-384Block cipher modes
ECB, CBC, CTR, GCMVendor
Cisco Systems, Inc, Cisco, Cisco SystemsSecurity level
Level 1, level 1Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 140, SP 800-90, SP 800-38D, PKCS#1, RFC 7296File metadata
| Title: | 0 |
|---|---|
| Author: | Anthony Busciglio |
| Creation date: | D:20231023171710-04'00' |
| Modification date: | D:20231023171710-04'00' |
| Pages: | 37 |
| Creator: | Microsoft® Word for Microsoft 365 |
| Producer: | Microsoft® Word for Microsoft 365 |
References
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
02.01.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2023_111223_0648_signed.pdf.
- The certificate_pdf_url property was set to
-
06.11.2023 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4651,
"dgst": "ccff8a9c9ce2b8b3",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KAS#A1462",
"KAS-SSC#A1462",
"DRBG#A1462",
"SHS#A1462",
"ECDSA#A1462",
"HMAC#A1462",
"AES#A1462",
"AES#3504",
"CVL#A1462",
"KBKDF#A1462",
"KTS#A1462",
"RSA#A1462"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"16.12"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 4
},
"ECDSA": {
"ECDSA": 2
}
},
"FF": {
"DH": {
"DH": 7,
"Diffie-Hellman": 20
}
},
"RSA": {
"RSA 2048": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"CTR": {
"CTR": 5
},
"ECB": {
"ECB": 2
},
"GCM": {
"GCM": 5
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 27,
"IKEv2": 4
},
"IPsec": {
"IPsec": 13
},
"SSH": {
"SSH": 37
},
"TLS": {
"TLS": {
"TLS": 4
}
},
"VPN": {
"VPN": 2
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 9
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 14,
"P-384": 14
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 1,
"#3": 1
}
},
"fips_certlike": {
"Certlike": {
"AES -128, 192": 2,
"AES 4853": 1,
"AES- 256": 4,
"AES-256": 1,
"DES 9": 1,
"DRBG (256": 1,
"HMAC SHA-1": 6,
"HMAC SHA-256": 1,
"HMAC SHA-384": 1,
"HMAC SHA-512": 1,
"HMAC-SHA1": 4,
"PKCS#1": 2,
"RSA 2048": 1,
"SHA-1": 11,
"SHA-256": 3,
"SHA-384": 2,
"SHA-512": 2,
"cert # AES": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 3,
"level 1": 3
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 8
}
},
"SHA": {
"SHA1": {
"SHA-1": 11
},
"SHA2": {
"SHA-256": 3,
"SHA-384": 2,
"SHA-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 47
},
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 4,
"FIPS 140-2": 22,
"FIPS PUB 140-2": 1
},
"NIST": {
"SP 800-38D": 1,
"SP 800-90": 5
},
"PKCS": {
"PKCS#1": 1
},
"RFC": {
"RFC 7296": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 16,
"AES-": 5,
"AES-256": 1
},
"RC": {
"RC4": 3
}
},
"DES": {
"3DES": {
"Triple-DES": 3
},
"DES": {
"DES": 5
}
},
"constructions": {
"MAC": {
"CMAC": 1,
"HMAC": 20
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 16,
"Cisco Systems": 2,
"Cisco Systems, Inc": 38
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Anthony Busciglio",
"/CreationDate": "D:20231023171710-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20231023171710-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Title": "0",
"pdf_file_size_bytes": 881977,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.cisco.com/c/en/us/td/docs/routers/access/4400/hardware/installation/guide4400-4300/C4400_isr/Overview.html?bookSearch=true",
"https://www.cisco.com/c/en/us/td/docs/routers/access/4400/software/configuration/guide/isr4400swcfg.html",
"http://csrc.nist.gov/groups/STM/cmvp/index.html",
"http://www.cisco.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 37
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "737d1a1640edcad1d43693611990ba9ed0d87707a4d5dde42e67a15e31959aee",
"policy_txt_hash": "dd2159996eda887bd2f2f37844253cf8e7a4818c6dcc6fc840c37279bbbb778b"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2023_111223_0648_signed.pdf",
"date_sunset": "2026-02-08",
"description": "The Cisco Integrated Services Router (ISR) 4000 Series provide comprehensive security services including VPN for small businesses, enterprise small branch and teleworkers. The platforms are architected to enable the next phase of branch-office evolution, providing rich media collaboration and virtualization to the branch while offering a wide-range of connectivity options.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "Cisco IOS-XE 16.12",
"historical_reason": null,
"hw_versions": "ISR 4321, ISR 4331, ISR 4351 and ISR 4451 with NIM-2GE-CU-SFP",
"level": 1,
"mentioned_certs": {},
"module_name": "Cisco ISR 4000 Series Routers with MACSEC",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-11-02",
"lab": "ACUMEN SECURITY, LLC",
"validation_type": "Initial"
}
],
"vendor": "Cisco Systems, Inc.",
"vendor_url": "http://www.cisco.com"
}
}