Cisco ASR 1001, 1001-X, 1002, 1002-X, 1004, 1006 and 1013

Certificate #2409

Webpage information

Status historical
Historical reason Moved to historical list due to sunsetting
Validation dates 22.07.2015
Standard FIPS 140-2
Security level 1
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode. When installed, initialized and configured as specified in Section 9 of the Security Policy and with the configurations in Table 1 as defined in the Security Policy
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.
Version (Hardware) ASR1001, ASR1001-X, ASR1002, ASR1002-X, ASR1004, ASR1006 and ASR1013; Embedded Services Processors: ASR1000-ESP5, ASR1000-ESP10, ASR1000-ESP20, ASR1000-ESP40, ASR1000-ESP100 and ASR1000-ESP200; Route Processors: ASR-1000-RP1 and ASR-1000-RP2; Linecards: ASR1000-6TGE and ASR1000-2T+20X1GE
Version (Firmware) IOS XE 3.13
Vendor Cisco Systems, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES-256, AES, RC4, DES, Triple-DES, TDES, HMAC
Asymmetric Algorithms
Diffie-Hellman, DH
Hash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5
Schemes
MAC, Key Exchange
Protocols
SSH, TLS, IKE, IPsec, VPN, PGP
Randomness
DRBG, RNG
Block cipher modes
ECB, CBC, CTR, GCM

Vendor
Cisco Systems, Inc, Cisco, Cisco Systems

Security level
Level 1, level 1

Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 140, SP 800-90, PKCS#1

File metadata

Title ASR_1K_Security_Policy
Author tbuscig
Creation date D:20150713163543-04'00'
Modification date D:20150713163543-04'00'
Pages 41
Creator PDFCreator 2.1.1.0
Producer PDFCreator 2.1.1.0

Heuristics

No heuristics are available for this certificate.

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 2409,
  "dgst": "cb889e05f91275a6",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#2817",
        "Triple-DES#397",
        "HMAC#1764",
        "AES#333",
        "AES#2346",
        "Triple-DES#1688",
        "Triple-DES#1469",
        "SHS#408",
        "RSA#1471",
        "HMAC#137",
        "Triple-DES#1670",
        "DRBG#481",
        "CVL#253",
        "SHS#2338",
        "Triple-DES#1671",
        "SHS#2023",
        "HMAC#1455",
        "AES#2783",
        "SHS#2361"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.13"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "FF": {
          "DH": {
            "DH": 6,
            "Diffie-Hellman": 11
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 14
        },
        "CTR": {
          "CTR": 6
        },
        "ECB": {
          "ECB": 3
        },
        "GCM": {
          "GCM": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKE": 23
        },
        "IPsec": {
          "IPsec": 10
        },
        "PGP": {
          "PGP": 3
        },
        "SSH": {
          "SSH": 15
        },
        "TLS": {
          "TLS": {
            "TLS": 16
          }
        },
        "VPN": {
          "VPN": 3
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 7
        },
        "MAC": {
          "MAC": 2
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES -128, 192": 2,
          "AES CBC (128": 4,
          "AES KAT (2": 1,
          "AES-256": 5,
          "Cert. # AES": 1,
          "DES 9": 1,
          "HMAC SHA-1": 8,
          "HMAC SHA-256": 1,
          "HMAC SHA-384": 1,
          "HMAC SHA-512": 1,
          "HMAC-SHA1": 2,
          "PKCS#1": 1,
          "RSA PKCS#1": 1,
          "SHA-1": 18,
          "SHA-1 Byte Oriented 137": 4,
          "SHA-1 Byte Oriented 1455": 2,
          "SHA-1 KAT (2": 1,
          "SHA-256": 3,
          "SHA-384": 2,
          "SHA-512": 1,
          "SHA-512 KAT (2": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 2,
          "level 1": 3
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 8
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 25
          },
          "SHA2": {
            "SHA-256": 3,
            "SHA-384": 2,
            "SHA-512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 10
        },
        "RNG": {
          "RNG": 6
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 2,
          "FIPS 140-2": 21,
          "FIPS PUB 140-2": 1
        },
        "NIST": {
          "SP 800-90": 3
        },
        "PKCS": {
          "PKCS#1": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 17,
            "AES-256": 5
          },
          "RC": {
            "RC4": 3
          }
        },
        "DES": {
          "3DES": {
            "TDES": 1,
            "Triple-DES": 15
          },
          "DES": {
            "DES": 5
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 21
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Cisco": {
          "Cisco": 88,
          "Cisco Systems": 7,
          "Cisco Systems, Inc": 42
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "tbuscig",
      "/CreationDate": "D:20150713163543-04\u002700\u0027",
      "/Creator": "PDFCreator 2.1.1.0",
      "/Keywords": "",
      "/ModDate": "D:20150713163543-04\u002700\u0027",
      "/Producer": "PDFCreator 2.1.1.0",
      "/Subject": "",
      "/Title": "ASR_1K_Security_Policy",
      "pdf_file_size_bytes": 444270,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 41
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "a6e9f902829f992c7947dfa81adef25ae2da6b1bcd98642020104c7e2c046035",
    "policy_txt_hash": "ad9158bce6eabf765fdca80335edaa7e4c36cb00eb7971f6a8f87515e292d650"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. When installed, initialized and configured as specified in Section 9 of the Security Policy and with the configurations in Table 1 as defined in the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertList0055.pdf",
    "date_sunset": null,
    "description": "The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "IOS XE 3.13",
    "historical_reason": "Moved to historical list due to sunsetting",
    "hw_versions": "ASR1001, ASR1001-X, ASR1002, ASR1002-X, ASR1004, ASR1006 and ASR1013; Embedded Services Processors: ASR1000-ESP5, ASR1000-ESP10, ASR1000-ESP20, ASR1000-ESP40, ASR1000-ESP100 and ASR1000-ESP200; Route Processors: ASR-1000-RP1 and ASR-1000-RP2; Linecards: ASR1000-6TGE and ASR1000-2T+20X1GE",
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Cisco ASR 1001, 1001-X, 1002, 1002-X, 1004, 1006 and 1013",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2015-07-22",
        "lab": "Acumen Security",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Cisco Systems, Inc.",
    "vendor_url": "http://www.cisco.com"
  }
}