Cisco Catalyst 6506, 6509, 6506(E), 6509(E), 7606 and 7609 Routers With VPN Services Module

Certificate #676

Webpage information

Status historical
Historical reason RNG SP800-131A Revision 1 Transition
Validation dates 22.05.2006 , 28.05.2010 , 23.02.2012
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode
Description The Catalyst 6500 series switches and the Cisco 7606 and Cisco 7609 routers with the VPN Services Module offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches and the Cisco 7606 and Cisco 7609 routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements.
Version (Hardware) Chassis:6506, 6509, 6506-E, 6509-E,7606,7609; Backplane chassis: Hardware Version 1.0 (6505(E), 7606, 7609), 1.1 (6509(E)), 3.0 (6506, 6509); Supervisor Blade: Hardware Version 4.1 (SUP720-3B), 4.0 (SUP720-3BXL); VPNSM Blade: Hardware Version 1.3
Version (Firmware) 12.2(18)SXE2
Vendor Cisco Systems, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, DES, Triple-DES, HMAC
Asymmetric Algorithms
DH, Diffie-Hellman
Hash functions
SHA-1, MD5
Schemes
Key Exchange
Protocols
SSH, IKE, IPsec, VPN, PGP
Randomness
PRNG, RNG

Trusted Execution Environments
SE
Vendor
Cisco Systems, Inc, Cisco, Cisco Systems

Security level
Level 2, level 1
Side-channel analysis
malfunction

Standards
FIPS 140-2, RFC 1334

File metadata

Title macedon security policy without hmac.fm
Author sshorter
Creation date D:20040722143115Z
Modification date D:20060522120723-04'00'
Pages 38
Creator FrameMaker 7.0
Producer Acrobat Distiller 5.0.5 (Windows)

References

Incoming
  • 2472 - historical - SUSE Linux Enterprise Server 12 - OpenSSH Client Module
  • 2484 - historical - SUSE Linux Enterprise Server 12 - StrongSwan Cryptographic Module
  • 2471 - historical - SUSE Linux Enterprise Server 12 - OpenSSH Server Module

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

References

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 676,
  "dgst": "63db0204e2f34aaa",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHS#117",
        "Triple-DES#132",
        "RNG#123",
        "HMAC#33"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "1.0",
        "1.3",
        "1.1",
        "3.0",
        "4.0",
        "12.2",
        "4.1"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "2484",
          "2472",
          "2471"
        ]
      },
      "directly_referencing": null,
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "2472",
          "2471",
          "3099",
          "2484",
          "2549"
        ]
      },
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "FF": {
          "DH": {
            "DH": 8,
            "Diffie-Hellman": 6
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKE": 19
        },
        "IPsec": {
          "IPsec": 13
        },
        "PGP": {
          "PGP": 2
        },
        "SSH": {
          "SSH": 10
        },
        "VPN": {
          "VPN": 66
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 2
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "HMAC SHA-1": 4,
          "SHA-1": 14
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 4,
          "level 1": 1
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 1
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 14
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "PRNG": 5
        },
        "RNG": {
          "RNG": 2
        }
      },
      "side_channel_analysis": {
        "FI": {
          "malfunction": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 23
        },
        "RFC": {
          "RFC 1334": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 1
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 7
          },
          "DES": {
            "DES": 5
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 5
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SE": 5
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Cisco": {
          "Cisco": 224,
          "Cisco Systems": 13,
          "Cisco Systems, Inc": 6
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "sshorter",
      "/CreationDate": "D:20040722143115Z",
      "/Creator": "FrameMaker 7.0",
      "/ModDate": "D:20060522120723-04\u002700\u0027",
      "/Producer": "Acrobat Distiller 5.0.5 (Windows)",
      "/Title": "macedon security policy without hmac.fm",
      "pdf_file_size_bytes": 2065451,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.cisco.com/en/US/learning/index.html",
          "http://www.cisco.com/techsupport/contacts",
          "http://www.cisco.com/en/US/partner/ordering/",
          "http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html",
          "http://pgp.mit.edu:11371/pks/lookup?search=psirt%40cisco.com\u0026op=index\u0026exact=on",
          "mailto:[email protected]",
          "http://www.cisco.com/go/iqmagazine",
          "http://www.cisco.com/techsupport/servicerequest",
          "http://www.cisco.com",
          "http://www.cisco.com/go/marketplace/",
          "http://www.cisco.com/univercd/home/home.htm",
          "http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm",
          "http://tools.cisco.com/RPF/register/register.do",
          "mailto:[email protected]",
          "http://www.cisco.com/packet",
          "http://www.cisco.com/en/US/products/products_psirt_rss_feed.html",
          "http://www.cisco.com/public/countries_languages.shtml",
          "http://www.cisco.com/ipj",
          "http://www.ciscopress.com",
          "http://www.cisco.com/techsupport",
          "http://www.cisco.com/go/psirt"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 38
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "667141feebfdcd37797257cf43171c5174367aba5a0e711d09dc7f0741675d18",
    "policy_txt_hash": "c1ad5c7a5a2159e6000716d333c189330670b2df33eb3f4474ceca088ad8efd5"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt676.pdf",
    "date_sunset": null,
    "description": "The Catalyst 6500 series switches and the Cisco 7606 and Cisco 7609 routers with the VPN Services Module offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches and the Cisco 7606 and Cisco 7609 routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": null,
    "fw_versions": "12.2(18)SXE2",
    "historical_reason": "RNG SP800-131A Revision 1 Transition",
    "hw_versions": "Chassis:6506, 6509, 6506-E, 6509-E,7606,7609; Backplane chassis: Hardware Version 1.0 (6505(E), 7606, 7609), 1.1 (6509(E)), 3.0 (6506, 6509); Supervisor Blade: Hardware Version 4.1 (SUP720-3B), 4.0 (SUP720-3BXL); VPNSM Blade: Hardware Version 1.3",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Cisco Catalyst 6506, 6509, 6506(E), 6509(E), 7606 and 7609 Routers With VPN Services Module",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2006-05-22",
        "lab": "SAIC-VA",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2010-05-28",
        "lab": "",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2012-02-23",
        "lab": "",
        "validation_type": "Update"
      }
    ],
    "vendor": "Cisco Systems, Inc.",
    "vendor_url": "http://www.cisco.com"
  }
}