This page was not yet optimized for use on mobile
devices.
Cisco Catalyst 9300 Series Switches
Certificate #3599
Webpage information
Security policy
Symmetric Algorithms
AES, RC4, DES, Triple-DES, HMAC, CMACAsymmetric Algorithms
RSA 2048, ECDSA, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5Protocols
SSHv2, SSH, TLS, TLSv1.2, IKE, IKEv1, IKEv2, IPsec, VPNRandomness
DRBG, RNGElliptic Curves
P-256, P-384, P-224, P-521, B-233, B-409, B-571, K-233, K-283, K-409, K-571, B-283Block cipher modes
ECB, CBC, CTR, OFB, GCM, CCM, XTSVendor
Cisco Systems, Inc, Cisco, Cisco SystemsSecurity level
Level 1, level 1Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 140, FIPS 186-4, SP 800-52, SP 800-90A, SP 800-90, PKCS 1, PKCS#1, RFC 5288, RFC 7296, RFC 5246, RFC 4253, RFC 6071File metadata
| Author | [email protected] |
|---|---|
| Creation date | D:20210716181642-04'00' |
| Modification date | D:20210716181642-04'00' |
| Pages | 22 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3599,
"dgst": "66849e29a8eb896b",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"Triple-DES#C462",
"AES#C431",
"CVL#C431",
"KBKDF#C462",
"HMAC#C462",
"DRBG#C431",
"HMAC#C431",
"RSA#C220",
"ECDSA#C462",
"CVL#C462",
"KBKDF#C431",
"AES#4769",
"ECDSA#C431",
"RSA#C431",
"Triple-DES#C431",
"DRBG#C462",
"SHS#C431",
"DSA#C431",
"AES#C462",
"SHS#C220",
"SHS#C462",
"RSA#C462",
"KTS#C431"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"17.3",
"16.9.2",
"16.12"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDSA": {
"ECDSA": 7
}
},
"FF": {
"DH": {
"DH": 15,
"Diffie-Hellman": 7
},
"DSA": {
"DSA": 3
}
},
"RSA": {
"RSA 2048": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CCM": {
"CCM": 1
},
"CTR": {
"CTR": 3
},
"ECB": {
"ECB": 4
},
"GCM": {
"GCM": 8
},
"OFB": {
"OFB": 2
},
"XTS": {
"XTS": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 20,
"IKEv1": 1,
"IKEv2": 4
},
"IPsec": {
"IPsec": 7
},
"SSH": {
"SSH": 19,
"SSHv2": 3
},
"TLS": {
"TLS": {
"TLS": 33,
"TLSv1.2": 1
}
},
"VPN": {
"VPN": 2
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-233": 2,
"B-283": 1,
"B-409": 2,
"B-571": 1,
"K-233": 2,
"K-283": 2,
"K-409": 2,
"K-571": 2,
"P-224": 4,
"P-256": 8,
"P-384": 6,
"P-521": 4
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 1
}
},
"fips_certlike": {
"Certlike": {
"AES 128": 4,
"AES CBC (128": 1,
"DRBG (256": 1,
"HMAC SHA-1": 3,
"HMAC SHA-1 256": 1,
"HMAC-SHA 256/384": 2,
"HMAC-SHA-1": 2,
"HMAC-SHA1": 14,
"HMAC-SHA1 160": 2,
"PKCS 1": 12,
"PKCS#1": 1,
"RSA 2048": 1,
"RSA PKCS#1": 1,
"SHA-1": 8,
"SHA-1 256": 1,
"SHA-256": 2,
"SHA-384": 1,
"SHA-512": 3,
"SHA2- 256": 1,
"SHA2- 384": 1,
"SHA2- 512": 1,
"SHA2-224": 4,
"SHA2-256": 1,
"SHA2-384": 5,
"SHA2-512": 5
}
},
"fips_security_level": {
"Level": {
"Level 1": 3,
"level 1": 3
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 6
}
},
"SHA": {
"SHA1": {
"SHA-1": 10
},
"SHA2": {
"SHA-256": 2,
"SHA-384": 1,
"SHA-512": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 32
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 1,
"FIPS 140-2": 16,
"FIPS 186-4": 4,
"FIPS PUB 140-2": 1
},
"NIST": {
"SP 800-52": 1,
"SP 800-90": 1,
"SP 800-90A": 4
},
"PKCS": {
"PKCS 1": 6,
"PKCS#1": 1
},
"RFC": {
"RFC 4253": 1,
"RFC 5246": 1,
"RFC 5288": 1,
"RFC 6071": 1,
"RFC 7296": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 17
},
"RC": {
"RC4": 3
}
},
"DES": {
"3DES": {
"Triple-DES": 5
},
"DES": {
"DES": 7
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 13
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 35,
"Cisco Systems": 4,
"Cisco Systems, Inc": 2
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "[email protected]",
"/CreationDate": "D:20210716181642-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20210716181642-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"pdf_file_size_bytes": 544969,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.cisco.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 22
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "3f45b4993923d72d40d71a8235e549bd98ef40a8759c422eeded30ab7506e701",
"policy_txt_hash": "438c87868cb0242f8e84c9cb4d5d15982e3039f509547f3a88a3ec728f7e5de5"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/Jan2020ConsolidatedCert.pdf",
"date_sunset": null,
"description": "The Cisco Catalyst 9300 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 2",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "Cisco IOS-XE 16.9.2, Cisco IOS-XE 16.12 and Cisco IOS-XE 17.3",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "Cisco Catalyst 9300-24T, Cisco Catalyst 9300-24P, Cisco Catalyst 9300-24U, Cisco Catalyst 9300-24UX, Cisco Catalyst 9300-48T, Cisco Catalyst 9300-48P, Cisco Catalyst 9300-48U, Cisco Catalyst 9300-48UX and Cisco Catalyst 9300-48UN",
"level": 1,
"mentioned_certs": {},
"module_name": "Cisco Catalyst 9300 Series Switches",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2020-01-10",
"lab": "Acumen Security",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2020-06-08",
"lab": "Acumen Security",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2021-08-25",
"lab": "Acumen Security",
"validation_type": "Update"
}
],
"vendor": "Cisco Systems, Inc.",
"vendor_url": "https://www.cisco.com"
}
}