This page was not yet optimized for use on mobile
devices.
Cisco Secure Firewall Threat Defense Cryptographic Module (FPR 2100 Series)
Certificate #5035
Webpage information
Security policy
Symmetric Algorithms
AES-128, AES-192, AES-256, AES, AES-, CAST, HMACAsymmetric Algorithms
RSA 2048, RSA 4096, ECDH, ECDHE, ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1Schemes
MACProtocols
SSHv2, SSH, TLS v1.2, TLSv1.2, TLS, IKEv2, IKE, IPsec, VPNRandomness
DRBG, RBGElliptic Curves
P-256, P-384, P-521Block cipher modes
CTR, GCMTrusted Execution Environments
PSP, SSCVendor
Cisco Systems, Inc, CiscoSecurity level
Level 2, Level 1Certification process
out of scope, fails. Any firmware loaded into the module that is not shown on the module certificate, is out of scope of this validation and requires a separate FIPS 140-3 validation. 4.6 Cryptographic Output ActionsStandards
FIPS 140-3, FIPS186-4, FIPS 186-4, FIPS 198-1, FIPS 180-4, SP 800-140, SP 800-38A, SP 800-38D, SP 800-90A, SP 800-56A, SP 800-135, SP 800-52, PKCS 1, RFC7627, RFC 5288, RFC 7296, ISO/IEC 19790File metadata
| Author | Hawes, David J. (Fed) |
|---|---|
| Creation date | D:20250630075415-04'00' |
| Modification date | D:20250630075624-04'00' |
| Pages | 70 |
| Creator | Acrobat PDFMaker 25 for Word |
| Producer | Adobe PDF Library 25.1.51 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 5035,
"dgst": "fec006833ca7c4b0",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": []
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"2100"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
},
"ECDH": {
"ECDH": 103,
"ECDHE": 1
},
"ECDSA": {
"ECDSA": 93
}
},
"FF": {
"DH": {
"DH": 100,
"Diffie-Hellman": 1
},
"DSA": {
"DSA": 3
}
},
"RSA": {
"RSA 2048": 2,
"RSA 4096": 1
}
},
"certification_process": {
"OutOfScope": {
"fails. Any firmware loaded into the module that is not shown on the module certificate, is out of scope of this validation and requires a separate FIPS 140-3 validation. 4.6 Cryptographic Output Actions": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CTR": {
"CTR": 1
},
"GCM": {
"GCM": 23
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 2,
"IKEv2": 91
},
"IPsec": {
"IPsec": 1
},
"SSH": {
"SSH": 134,
"SSHv2": 126
},
"TLS": {
"TLS": {
"TLS": 146,
"TLS v1.2": 9,
"TLSv1.2": 121
}
},
"VPN": {
"VPN": 2
}
},
"crypto_scheme": {
"MAC": {
"MAC": 21
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 34,
"P-384": 8,
"P-521": 12
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 3,
"#2": 3,
"#3": 3,
"#9": 1
}
},
"fips_certlike": {
"Certlike": {
"- PKCS 1": 2,
"AES 3301": 12,
"AES-128": 5,
"AES-192": 2,
"AES-256": 2,
"DRBG 384": 1,
"DRBG 819": 19,
"HMAC 2095": 30,
"HMAC-SHA-1": 16,
"PKCS 1": 2,
"RSA 2048": 2,
"RSA 4096": 1,
"SHA-1": 10,
"SHA2- 256": 3,
"SHA2- 384": 2,
"SHA2- 512": 1,
"SHA2-224": 4,
"SHA2-256": 13,
"SHA2-384": 6,
"SHA2-512": 13,
"SHA3- 256": 1,
"SHS 2737": 6
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 10
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 110
},
"RNG": {
"RBG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 6,
"FIPS 180-4": 9,
"FIPS 186-4": 9,
"FIPS 198-1": 9,
"FIPS186-4": 34
},
"ISO": {
"ISO/IEC 19790": 2
},
"NIST": {
"SP 800-135": 4,
"SP 800-140": 1,
"SP 800-38A": 2,
"SP 800-38D": 2,
"SP 800-52": 1,
"SP 800-56A": 3,
"SP 800-90A": 2
},
"PKCS": {
"PKCS 1": 2
},
"RFC": {
"RFC 5288": 1,
"RFC 7296": 1,
"RFC7627": 6
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 37,
"AES-": 7,
"AES-128": 5,
"AES-192": 2,
"AES-256": 2
},
"CAST": {
"CAST": 76
}
},
"constructions": {
"MAC": {
"HMAC": 39
}
}
},
"tee_name": {
"AMD": {
"PSP": 18
},
"IBM": {
"SSC": 22
}
},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 5,
"Cisco Systems, Inc": 74
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Hawes, David J. (Fed)",
"/Comments": "",
"/Company": "",
"/CreationDate": "D:20250630075415-04\u002700\u0027",
"/Creator": "Acrobat PDFMaker 25 for Word",
"/Keywords": "",
"/ModDate": "D:20250630075624-04\u002700\u0027",
"/Producer": "Adobe PDF Library 25.1.51",
"/SourceModified": "",
"/Subject": "",
"/Title": "",
"pdf_file_size_bytes": 1471803,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/ftd-fmc.html",
"https://www.cisco.com/c/en/us/products/collateral/security/firepower-2100-series/datasheet-c78-742473.html"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 70
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "145538b719c5764ad09f10fa67dca3bfd1e8b46b6fb478fe3de30a4e3d263c62",
"policy_txt_hash": "ad40f995ad76ef3854783c89c656116f5468c0acec63bafacca74f1fb4d96dea"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When installed, initialized and configured as specified in Section Life-Cycle Assurance of the Security Policy. The tamper evident seals installed as indicated in the Security Policy",
"certificate_pdf_url": null,
"date_sunset": "2030-06-30",
"description": "Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. This unified software is capable of offering the functions of ASA and FirePOWER deployed on Cisco Firepower 2100 Series.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, services, and authentication: Level 3",
"Operational environment: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 2,
"mentioned_certs": {},
"module_name": "Cisco Secure Firewall Threat Defense Cryptographic Module (FPR 2100 Series)",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-07-01",
"lab": "Gossamer Security Solutions",
"validation_type": "Initial"
}
],
"vendor": "Cisco Systems, Inc.",
"vendor_url": "http://www.cisco.com"
}
}