This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	Cisco Catalyst 9400 Series Switches	Cisco Catalyst 9400 Series Switches
cert_id	3834	4519
dgst	b0f40e2bace115cb	f36e412aea00d7c6
heuristics/algorithms	SHS#C220, SHS#C462, HMAC#C431, RSA#C462, KTS#C462, HMAC#C462, DSA#C431, CVL#C462, AES#C431, RSA#C220, RSA#C431, ECDSA#C462, KBKDF#C462, Triple-DES#C462, AES#C462, DRBG#C431, Triple-DES#C431, CVL#C431, SHS#C431, KBKDF#C431, AES#4769, DRBG#C462, ECDSA#C431	SHS#C220, HMAC#C431, DSA#C431, AES#C431, RSA#C220, SHS#A1462, HMAC#A1462, AES#A1462, RSA#C431, ECDSA#A1462, DRBG#A1462, KTS#C43, DRBG#C431, KAS-SSC#A1462, CVL#C431, SHS#C431, KBKDF#C431, KAS#A1462, AES#4769, KBKDF#A1462, CVL#A1462, KAS#C431, RSA#A1462, ECDSA#C431
heuristics/cpe_matches	cpe:2.3:h:cisco:catalyst_9400:-:::::::*	cpe:2.3:h:cisco:catalyst_9400:-:::::::*
heuristics/direct_transitive_cves	{}	{}
heuristics/extracted_versions	16.12, 17.3	16.12, 17.3
heuristics/indirect_transitive_cves	{}	{}
heuristics/module_processed_references/directly_referenced_by	{}	{}
heuristics/module_processed_references/directly_referencing	3637	3637
heuristics/module_processed_references/indirectly_referenced_by	{}	{}
heuristics/module_processed_references/indirectly_referencing	3637	3637
heuristics/module_prunned_references	3637	3637
heuristics/policy_processed_references/directly_referenced_by	{}	{}
heuristics/policy_processed_references/directly_referencing	3637	3637
heuristics/policy_processed_references/indirectly_referenced_by	{}	{}
heuristics/policy_processed_references/indirectly_referencing	3637	3637
heuristics/policy_prunned_references	3637	3637
heuristics/related_cves	{}	{}
heuristics/verified_cpe_matches	{}	{}
pdf_data/keywords/fips_cert_id	Cert: #1: 1 #3637: 2	Cert: #1: 1 #3637: 2
pdf_data/keywords/fips_security_level	Level: Level 1: 3 level 1: 3	Level: Level 1: 3 level 1: 3
pdf_data/keywords/fips_certlike	Certlike: AES 128: 1 AES CBC (128: 1 DES 1: 1 DES 2: 1 DRBG (256: 1 HMAC SHA-1: 2 HMAC- SHA1: 1 HMAC- SHA1 160: 2 HMAC-SHA 256/384: 2 HMAC-SHA-1: 6 HMAC-SHA1: 8 PKCS 1: 12 PKCS#1: 1 RSA 2048: 1 RSA PKCS#1: 1 SHA-1: 5 SHA-256: 2 SHA-384: 1 SHA-512: 3 SHA1: 1 SHA1 160: 2 SHA2- 224: 1 SHA2- 384: 3 SHA2-224: 1 SHA2-256: 3 SHA2-384: 1 SHA2-512: 4	Certlike: AES 128: 1 AES CBC (128: 1 DES 1: 1 DES 2: 1 DRBG (256: 1 HMAC SHA-1: 2 HMAC- SHA1: 1 HMAC- SHA1 160: 2 HMAC-SHA 256/384: 2 HMAC-SHA-1: 6 HMAC-SHA1: 8 PKCS 1: 12 PKCS#1: 1 RSA 2048: 1 RSA PKCS#1: 1 SHA-1: 5 SHA-512: 3 SHA1: 1 SHA1 160: 2 SHA2- 224: 1 SHA2- 384: 3 SHA2-224: 1 SHA2-256: 3 SHA2-384: 1 SHA2-512: 4
pdf_data/keywords/vendor	Cisco: Cisco: 17 Cisco Systems: 4 Cisco Systems, Inc: 2	Cisco: Cisco: 17 Cisco Systems: 4 Cisco Systems, Inc: 2
pdf_data/keywords/eval_facility
pdf_data/keywords/symmetric_crypto	AES_competition: AES: AES: 13 RC: RC4: 3 DES: 3DES: Triple-DES: 5 DES: DES: 5 constructions: MAC: CMAC: 2 HMAC: 11	AES_competition: AES: AES: 17 RC: RC4: 3 DES: 3DES: Triple-DES: 4 DES: DES: 5 constructions: MAC: CMAC: 2 HMAC: 11
pdf_data/keywords/asymmetric_crypto	ECC: ECC: ECC: 2 ECDH: ECDH: 3 ECDSA: ECDSA: 7 FF: DH: DH: 15 Diffie-Hellman: 6 DSA: DSA: 3 RSA: RSA 2048: 1	ECC: ECC: ECC: 4 ECDH: ECDH: 3 ECDSA: ECDSA: 7 FF: DH: DH: 15 Diffie-Hellman: 4 DSA: DSA: 3 RSA: RSA 2048: 1
pdf_data/keywords/pq_crypto
pdf_data/keywords/hash_function	MD: MD5: MD5: 7 SHA: SHA1: SHA-1: 6 SHA1: 3 SHA2: SHA-256: 2 SHA-384: 1 SHA-512: 3	MD: MD5: MD5: 7 SHA: SHA1: SHA-1: 6 SHA1: 3 SHA2: SHA-512: 3
pdf_data/keywords/crypto_scheme
pdf_data/keywords/crypto_protocol	IKE: IKE: 17 IKEv1: 1 IKEv2: 4 IPsec: IPsec: 7 SSH: SSH: 21 TLS: TLS: TLS: 35 TLSv1.2: 1 VPN: VPN: 2	IKE: IKE: 17 IKEv2: 10 IPsec: IPsec: 7 SSH: SSH: 20 TLS: TLS: TLS: 33 TLSv1.2: 1 VPN: VPN: 2
pdf_data/keywords/randomness	PRNG: DRBG: 28	PRNG: DRBG: 28
pdf_data/keywords/cipher_mode	CBC: CBC: 5 CCM: CCM: 1 CTR: CTR: 3 ECB: ECB: 5 GCM: GCM: 10 OFB: OFB: 2 XTS: XTS: 1	CBC: CBC: 2 CCM: CCM: 1 CTR: CTR: 2 ECB: ECB: 3 GCM: GCM: 10 OFB: OFB: 1 XTS: XTS: 1
pdf_data/keywords/ecc_curve	NIST: B-233: 2 B-283: 2 B-409: 1 B-571: 2 K-233: 2 K-283: 2 K-409: 2 K-571: 2 P-224: 4 P-256: 18 P-384: 16 P-521: 4	NIST: B-233: 1 B-283: 2 B-409: 1 B-571: 2 K-233: 2 K-283: 2 K-409: 1 K-571: 1 P-224: 4 P-256: 16 P-384: 12 P-521: 4
pdf_data/keywords/crypto_engine
pdf_data/keywords/tls_cipher_suite
pdf_data/keywords/crypto_library
pdf_data/keywords/vulnerability
pdf_data/keywords/side_channel_analysis
pdf_data/keywords/device_model
pdf_data/keywords/tee_name
pdf_data/keywords/os_name
pdf_data/keywords/cplc_data
pdf_data/keywords/ic_data_group
pdf_data/keywords/standard_id	FIPS: FIPS 140: 1 FIPS 140-2: 19 FIPS 186-4: 6 FIPS PUB 140-2: 1 NIST: SP 800-38D: 1 SP 800-52: 1 SP 800-90: 1 SP 800-90A: 8 PKCS: PKCS 1: 6 PKCS#1: 1 RFC: RFC 4253: 1 RFC 5246: 1 RFC 5288: 1 RFC 6071: 1 RFC 7296: 2	FIPS: FIPS 140: 1 FIPS 140-2: 19 FIPS 186-4: 6 FIPS PUB 140-2: 1 NIST: SP 800-38D: 1 SP 800-52: 1 SP 800-90: 1 SP 800-90A: 8 PKCS: PKCS 1: 6 PKCS#1: 1 RFC: RFC 5288: 1 RFC 7296: 2
pdf_data/keywords/javacard_version
pdf_data/keywords/javacard_api_const
pdf_data/keywords/javacard_packages
pdf_data/keywords/certification_process
pdf_data/policy_metadata	/Author: [email protected] /CreationDate: D:20210716182250-04'00' /Creator: Microsoft® Word for Microsoft 365 /ModDate: D:20210716182250-04'00' /Producer: Microsoft® Word for Microsoft 365 pdf_file_size_bytes: 704706 pdf_hyperlinks: https://www.cisco.com/c/en/us/products/switches/catalyst-9400-series-switches/index.html, https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program, http://www.cisco.com/ pdf_is_encrypted: False pdf_number_of_pages: 25	/Author: [email protected] /CreationDate: D:20230327190838-04'00' /Creator: Microsoft® Word for Microsoft 365 /ModDate: D:20230327190838-04'00' /Producer: Microsoft® Word for Microsoft 365 pdf_file_size_bytes: 703969 pdf_hyperlinks: https://www.cisco.com/c/en/us/products/switches/catalyst-9400-series-switches/index.html, https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program, http://www.cisco.com/ pdf_is_encrypted: False pdf_number_of_pages: 25
state/module_download_ok	True	True
state/module_extract_ok	True	True
state/policy_convert_garbage	False	False
state/policy_convert_ok	True	True
state/policy_download_ok	True	True
state/policy_extract_ok	True	True
state/policy_pdf_hash	Different	Different
state/policy_txt_hash	Different	Different
web_data/caveat	When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode	When operated in FIPS mode, installed, initialized and configured as specified in Section 3 of the Security Policy. This module contains the embedded module 'ACT2Lite Cryptographic Module' validated to FIPS 140-2 under Cert. #3637 operating in FIPS mode
web_data/certificate_pdf_url	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/March 2021_010421_0724_signed.pdf	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf
web_data/date_sunset		02.03.2026
web_data/description	The Cisco Catalyst 9400 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support.	The Cisco Catalyst 9400 Series Switches are stackable enterprise switching platform built for security, IoT, mobility, and cloud. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. The modules include cryptographic algorithms implemented in IOS-XE software as well as hardware ASIC. Advanced security feature supports MACsec encryption, hardware anchored secure boot and Secure Unique Device Identification (SUDI) support.
web_data/embodiment	Multi-Chip Stand Alone	Multi-Chip Stand Alone
web_data/exceptions	Roles, Services, and Authentication: Level 3, Design Assurance: Level 2, Mitigation of Other Attacks: N/A	Roles, Services, and Authentication: Level 3, Design Assurance: Level 2, Mitigation of Other Attacks: N/A
web_data/fw_versions	C, i, s, c, o, , I, O, S, -, X, E, , 1, 6, ., 1, 2, , a, n, d, , C, i, s, c, o, , I, O, S, -, X, E, , 1, 7, ., 3	C, i, s, c, o, , I, O, S, -, X, E, , 1, 6, ., 1, 2, , a, n, d, , C, i, s, c, o, , I, O, S, -, X, E, , 1, 7, ., 3
web_data/historical_reason	SP 800-56Arev3 transition - replaced by certificate #4519
web_data/hw_versions	C, i, s, c, o, , C, a, t, a, l, y, s, t, , 9, 4, 0, 4, R, ,, , C, i, s, c, o, , C, a, t, a, l, y, s, t, , C, 9, 4, 0, 7, R, , a, n, d, , C, i, s, c, o, , C, a, t, a, l, y, s, t, , C, 9, 4, 1, 0, R, , w, i, t, h, , c, o, m, p, o, n, e, n, t, s, , C, 9, 4, 0, 0, -, S, U, P, -, 1, ,, , C, 9, 4, 0, 0, -, S, U, P, -, 1, X, L, ,, , C, 9, 4, 0, 0, -, S, U, P, -, 1, X, L, -, Y, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, U, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, T, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, P, ,, , C, 9, 4, 0, 0, -, L, C, -, 2, 4, X, S, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, U, X, ,, , C, 9, 4, 0, 0, -, L, C, -, 2, 4, S, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, S, , a, n, d, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, H	C, i, s, c, o, , C, a, t, a, l, y, s, t, , 9, 4, 0, 4, R, ,, , C, i, s, c, o, , C, a, t, a, l, y, s, t, , C, 9, 4, 0, 7, R, , a, n, d, , C, i, s, c, o, , C, a, t, a, l, y, s, t, , C, 9, 4, 1, 0, R, , w, i, t, h, , c, o, m, p, o, n, e, n, t, s, , C, 9, 4, 0, 0, -, S, U, P, -, 1, ,, , C, 9, 4, 0, 0, -, S, U, P, -, 1, X, L, ,, , C, 9, 4, 0, 0, -, S, U, P, -, 1, X, L, -, Y, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, U, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, T, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, P, ,, , C, 9, 4, 0, 0, -, L, C, -, 2, 4, X, S, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, U, X, ,, , C, 9, 4, 0, 0, -, L, C, -, 2, 4, S, ,, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, S, , a, n, d, , C, 9, 4, 0, 0, -, L, C, -, 4, 8, H
web_data/level	1	1
web_data/mentioned_certs	3637: 1	3637: 1
web_data/module_name	Cisco Catalyst 9400 Series Switches	Cisco Catalyst 9400 Series Switches
web_data/module_type	Hardware	Hardware
web_data/revoked_link	None	None
web_data/revoked_reason	None	None
web_data/standard	FIPS 140-2	FIPS 140-2
web_data/status	historical	active
web_data/sw_versions	None	None
web_data/tested_conf	[]	[]
web_data/validation_history	date: 03.03.2021 lab: ACUMEN SECURITY, LLC validation_type: Initial	date: 11.05.2023 lab: ACUMEN SECURITY, LLC validation_type: Initial
web_data/vendor	Cisco Systems, Inc.	Cisco Systems, Inc.
web_data/vendor_url	http://www.cisco.com	http://www.cisco.com