cert_id |
3868 |
4520 |
dgst |
2a2005a19dd5b0c0 |
e85a870aeb6eed9e |
heuristics/algorithms |
SHS#C220, SHS#C462, HMAC#C431, RSA#C462, KTS#C462, HMAC#C462, DSA#C431, CVL#C462, AES#C431, RSA#C220, RSA#C431, ECDSA#C462, KBKDF#C462, Triple-DES#C462, AES#C462, DRBG#C431, Triple-DES#C431, CVL#C431, SHS#C431, KBKDF#C431, AES#4769, DRBG#C462, ECDSA#C431 |
SHS#C220, HMAC#C431, DSA#C431, AES#C431, RSA#C220, SHS#A1462, HMAC#A1462, AES#A1462, RSA#C431, ECDSA#A1462, KTS#C431, DRBG#A1462, DRBG#C431, KAS-SSC#A1462, CVL#C431, SHS#C431, KBKDF#C431, KAS#A1462, AES#4769, KBKDF#A1462, CVL#A1462, KAS#C431, RSA#A1462, ECDSA#C431 |
heuristics/cpe_matches |
cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:* |
heuristics/direct_transitive_cves |
{} |
{} |
heuristics/extracted_versions |
16.12, 17.3 |
16.12, 17.3 |
heuristics/indirect_transitive_cves |
{} |
{} |
heuristics/module_processed_references/directly_referenced_by |
{} |
{} |
heuristics/module_processed_references/directly_referencing |
3637 |
3637 |
heuristics/module_processed_references/indirectly_referenced_by |
{} |
{} |
heuristics/module_processed_references/indirectly_referencing |
3637 |
3637 |
heuristics/module_prunned_references |
3637 |
3637 |
heuristics/policy_processed_references/directly_referenced_by |
{} |
{} |
heuristics/policy_processed_references/directly_referencing |
3637 |
3637 |
heuristics/policy_processed_references/indirectly_referenced_by |
{} |
{} |
heuristics/policy_processed_references/indirectly_referencing |
3637 |
3637 |
heuristics/policy_prunned_references |
3637 |
3637 |
heuristics/related_cves |
{} |
{} |
heuristics/verified_cpe_matches |
{} |
{} |
pdf_data/keywords/fips_cert_id |
|
|
pdf_data/keywords/fips_security_level |
|
|
pdf_data/keywords/fips_certlike |
- Certlike:
- AES 128: 1
- AES CBC (128: 1
- AES GCM KAT 3: 1
- AES-CMAC KAT 4: 1
- AES-CMAC KAT 5: 1
- DES 2: 2
- DRBG (256: 1
- HMAC SHA-1: 2
- HMAC- SHA1: 1
- HMAC- SHA1 160: 2
- HMAC-SHA 256/384: 2
- HMAC-SHA-1: 6
- HMAC-SHA1: 8
- PKCS 1: 12
- PKCS#1: 1
- RSA 2: 1
- RSA 2048: 1
- RSA PKCS#1: 1
- SHA-1: 4
- SHA-1 KAT 14: 1
- SHA-256: 2
- SHA-384: 1
- SHA-512: 3
- SHA1: 1
- SHA1 160: 2
- SHA2- 224: 1
- SHA2- 384: 3
- SHA2-224: 1
- SHA2-256: 3
- SHA2-384: 1
- SHA2-512: 4
|
- Certlike:
- AES 128: 1
- AES CBC (128: 1
- AES GCM KAT 3: 1
- AES-CMAC KAT 4: 1
- AES-CMAC KAT 5: 1
- DES 1: 1
- DES 2: 1
- DRBG (256: 1
- HMAC SHA-1: 2
- HMAC- SHA1: 1
- HMAC- SHA1 160: 2
- HMAC-SHA 256/384: 2
- HMAC-SHA-1: 6
- HMAC-SHA1: 8
- PKCS 1: 12
- PKCS#1: 1
- RSA 2: 1
- RSA 2048: 1
- RSA PKCS#1: 1
- SHA-1: 4
- SHA-1 KAT 15: 1
- SHA-512: 3
- SHA1: 1
- SHA1 160: 2
- SHA2- 224: 1
- SHA2- 384: 3
- SHA2-224: 1
- SHA2-256: 3
- SHA2-384: 1
- SHA2-512: 4
|
pdf_data/keywords/vendor |
- Cisco:
- Cisco: 16
- Cisco Systems: 4
- Cisco Systems, Inc: 2
|
- Cisco:
- Cisco: 16
- Cisco Systems: 4
- Cisco Systems, Inc: 2
|
pdf_data/keywords/eval_facility |
|
|
pdf_data/keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
|
- AES_competition:
- DES:
- constructions:
|
pdf_data/keywords/asymmetric_crypto |
|
|
pdf_data/keywords/pq_crypto |
|
|
pdf_data/keywords/hash_function |
- MD:
- SHA:
- SHA1:
- SHA2:
- SHA-256: 2
- SHA-384: 1
- SHA-512: 3
|
|
pdf_data/keywords/crypto_scheme |
|
|
pdf_data/keywords/crypto_protocol |
- IKE:
- IKE: 17
- IKEv1: 1
- IKEv2: 4
- IPsec:
- SSH:
- TLS:
- VPN:
|
- IKE:
- IPsec:
- SSH:
- TLS:
- VPN:
|
pdf_data/keywords/randomness |
|
|
pdf_data/keywords/cipher_mode |
- CBC:
- CCM:
- CTR:
- ECB:
- GCM:
- OFB:
- XTS:
|
- CBC:
- CCM:
- CTR:
- ECB:
- GCM:
- OFB:
- XTS:
|
pdf_data/keywords/ecc_curve |
- NIST:
- B-233: 2
- B-283: 2
- B-409: 1
- B-571: 2
- K-233: 2
- K-283: 2
- K-409: 2
- K-571: 2
- P-224: 4
- P-256: 18
- P-384: 16
- P-521: 4
|
- NIST:
- B-233: 1
- B-283: 1
- B-409: 1
- B-571: 1
- K-233: 1
- K-283: 1
- K-409: 1
- K-571: 1
- P-224: 2
- P-256: 16
- P-384: 12
- P-521: 2
|
pdf_data/keywords/crypto_engine |
|
|
pdf_data/keywords/tls_cipher_suite |
|
|
pdf_data/keywords/crypto_library |
|
|
pdf_data/keywords/vulnerability |
|
|
pdf_data/keywords/side_channel_analysis |
|
|
pdf_data/keywords/device_model |
|
|
pdf_data/keywords/tee_name |
|
|
pdf_data/keywords/os_name |
|
|
pdf_data/keywords/cplc_data |
|
|
pdf_data/keywords/ic_data_group |
|
|
pdf_data/keywords/standard_id |
- FIPS:
- FIPS 140: 1
- FIPS 140-2: 19
- FIPS 186-4: 6
- FIPS PUB 140-2: 1
- NIST:
- SP 800-38D: 1
- SP 800-52: 1
- SP 800-90: 1
- SP 800-90A: 7
- PKCS:
- RFC:
- RFC 4253: 1
- RFC 5246: 1
- RFC 5288: 1
- RFC 6071: 1
- RFC 7296: 2
|
- FIPS:
- FIPS 140: 1
- FIPS 140-2: 19
- FIPS 186-4: 6
- FIPS PUB 140-2: 1
- NIST:
- SP 800-38D: 1
- SP 800-52: 1
- SP 800-90: 1
- SP 800-90A: 7
- PKCS:
- RFC:
|
pdf_data/keywords/javacard_version |
|
|
pdf_data/keywords/javacard_api_const |
|
|
pdf_data/keywords/javacard_packages |
|
|
pdf_data/keywords/certification_process |
|
|
pdf_data/policy_metadata |
|
|
state/module_download_ok |
True |
True |
state/module_extract_ok |
True |
True |
state/policy_convert_garbage |
False |
False |
state/policy_convert_ok |
True |
True |
state/policy_download_ok |
True |
True |
state/policy_extract_ok |
True |
True |
state/policy_pdf_hash |
Different |
Different |
state/policy_txt_hash |
Different |
Different |
web_data/caveat |
When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode |
When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module ' ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode |
web_data/certificate_pdf_url |
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/March 2021_010421_0724_signed.pdf |
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf |
web_data/date_sunset |
|
28.03.2026 |
web_data/description |
The Cisco Catalyst 9600 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support. |
The Cisco Catalyst 9600 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support. |
web_data/embodiment |
Multi-Chip Stand Alone |
Multi-Chip Stand Alone |
web_data/exceptions |
Roles, Services, and Authentication: Level 3, Design Assurance: Level 2, Mitigation of Other Attacks: N/A |
Roles, Services, and Authentication: Level 3, Design Assurance: Level 2, Mitigation of Other Attacks: N/A |
web_data/fw_versions |
C, i, s, c, o, , I, O, S, -, X, E, , 1, 6, ., 1, 2, , a, n, d, , C, i, s, c, o, , I, O, S, -, X, E, , 1, 7, ., 3 |
C, i, s, c, o, , I, O, S, -, X, E, , 1, 6, ., 1, 2, , a, n, d, , C, i, s, c, o, , I, O, S, -, X, E, , 1, 7, ., 3 |
web_data/historical_reason |
SP 800-56Arev3 transition - replaced by certificate #4520 |
|
web_data/hw_versions |
C, i, s, c, o, , C, a, t, a, l, y, s, t, , 9, 6, 0, 6, R, , w, i, t, h, , c, o, m, p, o, n, e, n, t, s, , C, 9, 6, 0, 0, -, S, U, P, -, 1, ,, , C, 9, 6, 0, 0, -, L, C, -, 4, 8, Y, L, , a, n, d, , C, 9, 6, 0, 0, -, L, C, -, 2, 4, C |
C, i, s, c, o, , C, a, t, a, l, y, s, t, , 9, 6, 0, 6, R, , w, i, t, h, , c, o, m, p, o, n, e, n, t, s, , C, 9, 6, 0, 0, -, S, U, P, -, 1, ,, , C, 9, 6, 0, 0, -, L, C, -, 4, 8, Y, L, , a, n, d, , C, 9, 6, 0, 0, -, L, C, -, 2, 4, C |
web_data/level |
1 |
1 |
web_data/mentioned_certs |
|
|
web_data/module_name |
Cisco Catalyst 9600 Series Switches |
Cisco Catalyst 9600 Series Switches |
web_data/module_type |
Hardware |
Hardware |
web_data/revoked_link |
None |
None |
web_data/revoked_reason |
None |
None |
web_data/standard |
FIPS 140-2 |
FIPS 140-2 |
web_data/status |
historical |
active |
web_data/sw_versions |
None |
None |
web_data/tested_conf |
[] |
[] |
web_data/validation_history |
- date: 29.03.2021
- lab: ACUMEN SECURITY, LLC
- validation_type: Initial
|
- date: 11.05.2023
- lab: ACUMEN SECURITY, LLC
- validation_type: Initial
|
web_data/vendor |
Cisco Systems, Inc. |
Cisco Systems, Inc. |
web_data/vendor_url |
http://www.cisco.com |
http://www.cisco.com |