Cisco Catalyst Embedded Wireless Controller on C9100 Series Access Points

Certificate #4549

Webpage information

Status active
Validation dates 11.07.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When installed, initialized and configured as specified in the Section 3 of Security Policy. When operated in FIPS mode. The tamper evident seals installed as indicated in the Security Policy. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode.
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Description The Cisco Catalyst Embedded Wireless Controller on C9100 Series Access Points is the next-generation Wi-Fi solution, combining the most advanced controller - the Cisco Catalyst 9800 Series Wireless Controllers - with the latest Wi-Fi 6 access points - the Cisco Catalyst 9100 Access Points - creating a best-in-class wireless experience for your evolving and growing organization.
Version (Hardware) 9115AXI with one FIPS Kit: AIR-AP-FIPSKIT=, 9115AXE with one FIPS Kit: AIR-AP-FIPSKIT=, 9120AXI with one FIPS Kit: AIR-AP-FIPSKIT=, 9120AXE with one FIPS Kit: AIR-AP-FIPSKIT=, 9120AXP with one FIPS Kit: AIR-AP-FIPSKIT=, 9130AXI with one FIPS Kit: AIR-AP-FIPSKIT=, 9130AXE with one FIPS Kit: AIR-AP-FIPSKIT=;
Version (Firmware) IOS-XE 17.3
Vendor Cisco Systems, Inc.
References

This certificate's webpage directly references 1 certificates, transitively this expands into 1 certificates.

Security policy

Symmetric Algorithms
AES, AES-256, RC4, DES, Triple-DES, HMAC, CMAC
Asymmetric Algorithms
RSA 2048, ECDSA, ECC, Diffie-Hellman, DH
Hash functions
SHA-1, SHA1, MD5
Schemes
Key Exchange, Key exchange
Protocols
SSH, TLS, TLS v1.2, TLS 1.2, DTLS, DTLS v1.2, IKEv2
Randomness
DRBG
Elliptic Curves
P-256, P-384, P-521, P-224
Block cipher modes
ECB, CBC, CTR, GCM

Vendor
Cisco Systems, Inc, Cisco, Cisco Systems

Security level
Level 2, Level 1, level 2, level 1

Standards
FIPS 140-2, FIPS PUB 140-2, FIPS186-4, SP 800-52, SP 800-133, SP 800-90A, PKCS#1, PKCS 1, RFC 5288, RFC 6347, RFC 5647

File metadata

Author Nick Goble
Creation date D:20230531103031-04'00'
Modification date D:20230531103031-04'00'
Pages 37
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

References

Outgoing
  • 3637 - historical - ACT2Lite Cryptographic Module

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

References

Loading...

Updates Feed

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4549,
  "dgst": "143cf2c38c63401e",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "HMAC#A877",
        "Triple-DES#A1462",
        "CVL#A1462",
        "SHS#A877",
        "KAS#A1462",
        "HMAC#A1462",
        "AES#A877",
        "SHS#A1462",
        "KAS-SSC#A1462",
        "KAS-SSC#A877",
        "DRBG#A877",
        "ECDSA#A877",
        "AES#A1462",
        "KAS#A877",
        "DRBG#A1462",
        "RSA#A1462",
        "ECDSA#A1462",
        "RSA#A877",
        "KTS#A1462",
        "CVL#A877"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "17.3"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "3637"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "3637"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "3637"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "3637"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "3637"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "3637"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 5
          },
          "ECDSA": {
            "ECDSA": 9
          }
        },
        "FF": {
          "DH": {
            "DH": 3,
            "Diffie-Hellman": 32
          }
        },
        "RSA": {
          "RSA 2048": 2
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CTR": {
          "CTR": 4
        },
        "ECB": {
          "ECB": 4
        },
        "GCM": {
          "GCM": 12
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKEv2": 10
        },
        "SSH": {
          "SSH": 33
        },
        "TLS": {
          "DTLS": {
            "DTLS": 18,
            "DTLS v1.2": 1
          },
          "TLS": {
            "TLS": 11,
            "TLS 1.2": 1,
            "TLS v1.2": 1
          }
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 2,
          "Key exchange": 2
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-224": 2,
          "P-256": 48,
          "P-384": 24,
          "P-521": 10
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 1,
          "#3637": 1,
          "#4": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES-256": 2,
          "HMAC SHA-1": 3,
          "HMAC-SHA1": 2,
          "PKCS 1": 2,
          "PKCS#1": 6,
          "RSA 2048": 2,
          "RSA PKCS#1": 2,
          "RSA4": 1,
          "SHA-1": 8,
          "SHA-11": 1,
          "SHA-12": 1,
          "SHA1": 3,
          "SHA2-256": 11,
          "SHA2-384": 9,
          "SHA2-512": 9,
          "SHA2-521": 2
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 3,
          "level 1": 1,
          "level 2": 1
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 5
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 8,
            "SHA1": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 28
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 18,
          "FIPS PUB 140-2": 1,
          "FIPS186-4": 1
        },
        "NIST": {
          "SP 800-133": 1,
          "SP 800-52": 1,
          "SP 800-90A": 14
        },
        "PKCS": {
          "PKCS 1": 1,
          "PKCS#1": 4
        },
        "RFC": {
          "RFC 5288": 1,
          "RFC 5647": 1,
          "RFC 6347": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 19,
            "AES-256": 2
          },
          "RC": {
            "RC4": 2
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 2
          },
          "DES": {
            "DES": 3
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 1,
            "HMAC": 18
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Cisco": {
          "Cisco": 36,
          "Cisco Systems": 2,
          "Cisco Systems, Inc": 37
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Nick Goble",
      "/CreationDate": "D:20230531103031-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20230531103031-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 688915,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://csrc.nist.gov/groups/STM/index.html",
          "http://csrc.nist.gov/groups/STM/cmvp/validation.html",
          "https://software.cisco.com/",
          "http://www.cisco.com/",
          "https://software.cisco.com/download/home/286323294/type/286323077/release/17.3.4c"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 37
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.InternalState",
    "module": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": null,
      "txt_hash": null
    },
    "policy": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "7a716bd17c83dd0f6c0fd1d7672e676046044173ddf419fa220399f3609a58ad",
      "txt_hash": "cb8646326b2f97ea70633779a5b6f3483eb00be8a7005ab2fb54fd38aa360678"
    }
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When installed, initialized and configured as specified in the Section 3 of Security Policy. When operated in FIPS mode. The tamper evident seals installed as indicated in the Security Policy. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2023_010823_0649 signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The Cisco Catalyst Embedded Wireless Controller on C9100 Series Access Points is the next-generation Wi-Fi solution, combining the most advanced controller - the Cisco Catalyst 9800 Series Wireless Controllers - with the latest Wi-Fi 6 access points - the Cisco Catalyst 9100 Access Points - creating a best-in-class wireless experience for your evolving and growing organization.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "IOS-XE 17.3",
    "historical_reason": null,
    "hw_versions": "9115AXI with one FIPS Kit: AIR-AP-FIPSKIT=, 9115AXE with one FIPS Kit: AIR-AP-FIPSKIT=, 9120AXI with one FIPS Kit: AIR-AP-FIPSKIT=, 9120AXE with one FIPS Kit: AIR-AP-FIPSKIT=, 9120AXP with one FIPS Kit: AIR-AP-FIPSKIT=, 9130AXI with one FIPS Kit: AIR-AP-FIPSKIT=, 9130AXE with one FIPS Kit: AIR-AP-FIPSKIT=;",
    "level": 2,
    "mentioned_certs": {
      "3637": 1
    },
    "module_name": "Cisco Catalyst Embedded Wireless Controller on C9100 Series Access Points",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-07-11",
        "lab": "Acumen Security",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Cisco Systems, Inc.",
    "vendor_url": "http://www.cisco.com"
  }
}