Cisco Catalyst 9800 (40/80/L) Wireless Controllers running IOS-XE 16.12

Certificate #4606

Webpage information ?

Status active
Validation dates 26.09.2023
Sunset date 05-04-2026
Standard FIPS 140-2
Security level 1
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When installed, initialized and configured as specified in Section 11 of the Security Policy and operated in FIPS mode. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode.
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Description The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments.
Version (Hardware) 9800-40, 9800-80 and 9800-L
Version (Firmware) IOS-XE 16.12
Vendor Cisco Systems, Inc.
References

This certificate's webpage directly references 1 certificates, transitively this expands into 1 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-256, AES-, RC4, DES, Triple-DES, HMAC, CMAC
Asymmetric Algorithms
RSA 2048, ECDSA, ECC, Diffie-Hellman, DH
Hash functions
SHA-1, SHA1, SHA512, MD5
Schemes
MAC, Key Exchange, Key exchange
Protocols
SSH, TLS, TLSv1.2, TLS v1.2, TLS 1.2, DTLS, DTLS v1.2, IKE, IKEv2, IKEv1, IPsec, VPN, PGP
Randomness
DRBG, RNG
Elliptic Curves
P-256, P-384, P-521
Block cipher modes
ECB, CBC, CTR, GCM

Trusted Execution Environments
SSC
Vendor
Cisco Systems, Inc, Cisco, Cisco Systems

Security level
Level 1, level 1, Level 3

Standards
FIPS 140-2, FIPS PUB 140-2, FIPS186-4, SP 800-52, SP 800-133, SP 800-90A, PKCS#1, PKCS 1, RFC 5288, RFC 7296, RFC5282, RFC4106

File metadata

Author Len Prince (lprince)
Creation date D:20230908133008-04'00'
Modification date D:20230908133008-04'00'
Pages 35
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

References

Outgoing
  • 3637 - active - ACT2Lite Cryptographic Module

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

  • 01.11.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4606,
  "dgst": "94962c41e17d6142",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHS#A2452",
        "CVL#A2452",
        "KAS-SSC#A1462",
        "AES#A1462",
        "KAS#A1462",
        "DRBG#A2452",
        "AES#A2452",
        "CVL#A1462",
        "ECDSA#A2452",
        "KAS#A2452",
        "RSA#A1462",
        "AES#2346",
        "DRBG#A1462",
        "HMAC#A1462",
        "RSA#A2452",
        "KTS#A2452",
        "KAS-SSC#A2452",
        "SHS#2023",
        "HMAC#A2452",
        "SHS#A1462",
        "ECDSA#A1462"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "16.12"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "3637"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "3637"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "3637"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "3637"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "3637"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "3637"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDSA": {
            "ECDSA": 9
          }
        },
        "FF": {
          "DH": {
            "DH": 3,
            "Diffie-Hellman": 40
          }
        },
        "RSA": {
          "RSA 2048": 2
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 11
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 3
        },
        "GCM": {
          "GCM": 20
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKE": 17,
          "IKEv1": 1,
          "IKEv2": 16
        },
        "IPsec": {
          "IPsec": 5
        },
        "PGP": {
          "PGP": 3
        },
        "SSH": {
          "SSH": 30
        },
        "TLS": {
          "DTLS": {
            "DTLS": 17,
            "DTLS v1.2": 1
          },
          "TLS": {
            "TLS": 12,
            "TLS 1.2": 1,
            "TLS v1.2": 1,
            "TLSv1.2": 1
          }
        },
        "VPN": {
          "VPN": 1
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 4,
          "Key exchange": 2
        },
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 44,
          "P-384": 28,
          "P-521": 10
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 2,
          "#3637": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES CBC (128": 6,
          "AES GCM (128": 2,
          "AES GCM (256": 2,
          "AES-256": 2,
          "Cert. # RSA": 1,
          "HMAC SHA-1": 3,
          "HMAC-SHA1": 2,
          "PKCS 1": 2,
          "PKCS#1": 6,
          "RSA 2048": 2,
          "RSA PKCS#1": 2,
          "RSA1": 1,
          "SHA-1": 9,
          "SHA1": 4,
          "SHA2-256": 11,
          "SHA2-384": 9,
          "SHA2-512": 9,
          "SHA2-521": 2,
          "SHA512": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 4,
          "Level 3": 1,
          "level 1": 3
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 8
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 9,
            "SHA1": 4
          },
          "SHA2": {
            "SHA512": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 29
        },
        "RNG": {
          "RNG": 1
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 25,
          "FIPS PUB 140-2": 1,
          "FIPS186-4": 2
        },
        "NIST": {
          "SP 800-133": 2,
          "SP 800-52": 1,
          "SP 800-90A": 16
        },
        "PKCS": {
          "PKCS 1": 1,
          "PKCS#1": 4
        },
        "RFC": {
          "RFC 5288": 1,
          "RFC 7296": 2,
          "RFC4106": 1,
          "RFC5282": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 30,
            "AES-": 4,
            "AES-256": 2
          },
          "RC": {
            "RC4": 4
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 2
          },
          "DES": {
            "DES": 4
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 1,
            "HMAC": 25
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SSC": 2
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Cisco": {
          "Cisco": 87,
          "Cisco Systems": 8,
          "Cisco Systems, Inc": 35
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Len Prince (lprince)",
      "/CreationDate": "D:20230908133008-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20230908133008-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 845868,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://csrc.nist.gov/groups/STM/cmvp/index.html",
          "http://www.cisco.com/public/countries_languages.shtml",
          "http://www.cisco.com/",
          "http://www.cisco.com/techsupport/servicerequest",
          "http://www.cisco.com/go/psirt",
          "http://www.cisco.com/discuss/networking",
          "https://software.cisco.com/",
          "mailto:[email protected]",
          "http://www.cisco.com/en/US/learning/index.html",
          "http://www.cisco.com/ipj",
          "http://www.cisco.com/techsupport/contacts",
          "http://www.cisco.com/go/marketplace/",
          "http://csrc.nist.gov/groups/STM/cmvp/validation.html",
          "http://www.cisco.com/en/US/products/index.html",
          "http://www.ciscopress.com/",
          "http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html",
          "http://tools.cisco.com/security/center/rss.x?i=44",
          "https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/16-12/config-guide/b_wl_16_12_cg.html",
          "http://tools.cisco.com/RPF/register/register.do",
          "http://www.cisco.com/packet",
          "http://www.cisco.com/techsupport"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 35
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "bd4dba8f9ac3cde091a87f77f8a0bcb72035a6b612b276ec07486a0203f416bc",
    "policy_txt_hash": "f6d22ec1dd99cf978ea8f0e3b5bc91251ccc7f485ce03bf9c69db1ad771b8d39"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When installed, initialized and configured as specified in Section 11 of the Security Policy and operated in FIPS mode. This module contains the embedded module ACT2Lite validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2023_101023_1100 signed (2).pdf",
    "date_sunset": "2026-04-05",
    "description": "The Cisco Series Wireless Controllers, are a highly scalable and flexible platform that enables system-wide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "IOS-XE 16.12",
    "historical_reason": null,
    "hw_versions": "9800-40, 9800-80 and 9800-L",
    "level": 1,
    "mentioned_certs": {
      "3637": 1
    },
    "module_name": "Cisco Catalyst 9800 (40/80/L) Wireless Controllers running IOS-XE 16.12",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-09-26",
        "lab": "ACUMEN SECURITY, LLC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Cisco Systems, Inc.",
    "vendor_url": "http://www.cisco.com"
  }
}