Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Cisco Catalyst 9200 Series Switches
Cisco Catalyst 9200 Series Switches
cert_id 4556 3835
dgst b23826ecdcfe9d69 bbc0ac0c3f912b40
heuristics/algorithms KBKDF#A1462, DRBG#A1462, SHS#A1462, SHS#C1301, HMAC#A1462, CVL#A1462, KAS-SSC#A1462, AES#A1462, RSA#C1301, KTS#A1462, ECDSA#A1462, KAS#A1462, RSA#A1462, AES#4769 AES#C462, SHS#C462, DRBG#C462, RSA#C462, SHS#C1301, KTS#C462, HMAC#C462, RSA#C1301, ECDSA#C462, KBKDF#C462, CVL#C462, Triple-DES#C462, AES#4769
heuristics/policy_processed_references/directly_referenced_by 4098, 4043 {}
heuristics/policy_processed_references/indirectly_referenced_by 4098, 4043 {}
pdf_data/keywords/fips_certlike
  • Certlike:
    • AES 128: 2
    • AES CBC (128: 1
    • DES 2: 1
    • DRBG (256: 1
    • HMAC SHA-1: 1
    • HMAC- SHA1: 1
    • HMAC- SHA1 160: 2
    • HMAC-SHA-1: 4
    • HMAC-SHA1: 4
    • PKCS 1: 6
    • PKCS#1: 1
    • RSA 2048: 1
    • RSA PKCS#1: 1
    • SHA-1: 3
    • SHA-512: 3
    • SHA1: 1
    • SHA1 160: 2
    • SHA2-256: 2
    • SHA2-384: 2
    • SHA2-512: 2
  • Certlike:
    • AES 128: 2
    • AES CBC (128: 1
    • DES 2: 2
    • DRBG (256: 1
    • HMAC SHA-1: 1
    • HMAC- SHA1: 1
    • HMAC- SHA1 160: 2
    • HMAC-SHA 256/384: 2
    • HMAC-SHA-1: 4
    • HMAC-SHA1: 4
    • PKCS 1: 6
    • PKCS#1: 1
    • RSA 2048: 1
    • RSA PKCS#1: 1
    • SHA-1: 3
    • SHA-256: 2
    • SHA-384: 1
    • SHA-512: 3
    • SHA1: 1
    • SHA1 160: 2
    • SHA2-256: 2
    • SHA2-384: 2
    • SHA2-512: 2
pdf_data/keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 16
    • RC:
      • RC4: 3
  • DES:
    • 3DES:
      • Triple-DES: 4
    • DES:
      • DES: 5
  • constructions:
    • MAC:
      • CMAC: 1
      • HMAC: 9
  • AES_competition:
    • AES:
      • AES: 13
    • RC:
      • RC4: 3
  • DES:
    • 3DES:
      • Triple-DES: 4
    • DES:
      • DES: 5
  • constructions:
    • MAC:
      • CMAC: 1
      • HMAC: 7
pdf_data/keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 2
    • ECDH:
      • ECDH: 4
    • ECDSA:
      • ECDSA: 6
  • FF:
    • DH:
      • DH: 16
      • Diffie-Hellman: 4
  • RSA:
    • RSA 2048: 1
  • ECC:
    • ECC:
      • ECC: 1
    • ECDH:
      • ECDH: 3
    • ECDSA:
      • ECDSA: 5
  • FF:
    • DH:
      • DH: 15
      • Diffie-Hellman: 6
  • RSA:
    • RSA 2048: 1
pdf_data/keywords/hash_function
  • MD:
    • MD5:
      • MD5: 7
  • SHA:
    • SHA1:
      • SHA-1: 3
      • SHA1: 3
    • SHA2:
      • SHA-512: 3
  • MD:
    • MD5:
      • MD5: 7
  • SHA:
    • SHA1:
      • SHA-1: 3
      • SHA1: 3
    • SHA2:
      • SHA-256: 2
      • SHA-384: 1
      • SHA-512: 3
pdf_data/keywords/crypto_protocol
  • IKE:
    • IKE: 17
    • IKEv2: 9
  • IPsec:
    • IPsec: 7
  • SSH:
    • SSH: 19
  • TLS:
    • TLS:
      • TLS: 3
  • VPN:
    • VPN: 2
  • IKE:
    • IKE: 16
    • IKEv1: 1
    • IKEv2: 3
  • IPsec:
    • IPsec: 7
  • SSH:
    • SSH: 20
  • TLS:
    • TLS:
      • TLS: 26
      • TLSv1.2: 1
  • VPN:
    • VPN: 2
pdf_data/keywords/randomness
  • PRNG:
    • DRBG: 22
  • PRNG:
    • DRBG: 25
pdf_data/keywords/cipher_mode
  • CBC:
    • CBC: 1
  • CTR:
    • CTR: 1
  • ECB:
    • ECB: 2
  • GCM:
    • GCM: 7
  • CBC:
    • CBC: 3
  • CTR:
    • CTR: 1
  • ECB:
    • ECB: 2
  • GCM:
    • GCM: 9
pdf_data/keywords/ecc_curve
  • NIST:
    • P-256: 12
    • P-384: 8
  • NIST:
    • P-256: 12
    • P-384: 14
pdf_data/keywords/standard_id
  • FIPS:
    • FIPS 140: 1
    • FIPS 140-2: 20
    • FIPS 186-4: 3
    • FIPS PUB 140-2: 1
  • NIST:
    • SP 800-38D: 1
    • SP 800-90: 1
    • SP 800-90A: 7
  • PKCS:
    • PKCS 1: 3
    • PKCS#1: 1
  • RFC:
    • RFC 7296: 2
  • FIPS:
    • FIPS 140: 1
    • FIPS 140-2: 20
    • FIPS 186-4: 3
    • FIPS PUB 140-2: 1
  • NIST:
    • SP 800-38D: 1
    • SP 800-52: 1
    • SP 800-90: 1
    • SP 800-90A: 7
  • PKCS:
    • PKCS 1: 3
    • PKCS#1: 1
  • RFC:
    • RFC 4253: 1
    • RFC 5246: 1
    • RFC 5288: 1
    • RFC 6071: 1
    • RFC 7296: 2
pdf_data/policy_metadata
state/policy_pdf_hash Different Different
state/policy_txt_hash Different Different
web_data/certificate_pdf_url https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2023_010923_0844.pdf https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/March 2021_010421_0724_signed.pdf
web_data/date_sunset 02.03.2026
web_data/description With full PoE+ capability, power and fan redundancy, stacking bandwidth up to 160 Gbps, modular uplinks, Layer 3 feature support, and cold patching, Catalyst 9200 Series switches are the industry's unparalleled solution with differentiated resiliency and progressive architecture for cost-effective branch-office access. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. Advanced security feature supports IOS-XE software, MACsec encryption, hardware anchored secure boot, Secure Unique Device Identification (SUDI) support. With full PoE+ capability, power and fan redundancy, stacking bandwidth up to 160 Gbps, modular uplinks, Layer 3 feature support, and cold patching, Catalyst 9200 Series switches are the industry’s unparalleled solution with differentiated resiliency and progressive architecture for cost-effective branch-office access. The switches meet FIPS 140-2 overall Level 1 requirements as multi-chip standalone modules. Advanced security feature supports IOS-XE software, MACsec encryption, hardware anchored secure boot, Secure Unique Device Identification (SUDI) support.
web_data/historical_reason SP 800-56Arev3 transition - replaced by certificate #4556
web_data/status active historical
web_data/validation_history
  • date: 02.08.2023
  • lab: ACUMEN SECURITY, LLC
  • validation_type: Initial
  • date: 03.03.2021
  • lab: ACUMEN SECURITY, LLC
  • validation_type: Initial