All modules
CMVP Validated Module · FIPS 140-3 Security Policy

Cisco Firepower Management Center Virtual Cryptographic Module

Certificate#5138StandardFIPS 140-3Level1TypeFirmware-hybridEmbodimentMulti-Chip Stand AloneStatusActiveVendorCisco Systems, Inc
High review priority  ·  no TCB surface named  ·  last validated 6 months ago. How this is derived →

Certificate

StandardFIPS 140-3
Overall level1
Module typeFirmware-hybrid
EmbodimentMulti-Chip Stand Alone
StatusActive
Sunset date1/14/2031
CaveatWhen installed, initialized and configured as specified in Section Life-Cycle Assurance of the Security Policy
VendorCisco Systems, Inc

Approved Algorithms (24)

AlgorithmACVP Cert
AES-CBCA4595
AES-GCMA4595
Counter DRBGA4595
ECDSA KeyGen (FIPS186-4)A4595
ECDSA SigGen (FIPS186-4)A4595
ECDSA SigVer (FIPS186-4)A4595
HMAC-SHA-1A4595
HMAC-SHA2-224A4595
HMAC-SHA2-256A4595
HMAC-SHA2-384A4595
HMAC-SHA2-512A4595
KAS-ECC-SSC Sp800-56Ar3A4595
KAS-FFC-SSC Sp800-56Ar3A4595
KDF SNMP (CVL)A4595
KDF SSH (CVL)A4595
RSA KeyGen (FIPS186-4)A4595
RSA SigGen (FIPS186-4)A4595
RSA SigVer (FIPS186-4)A4595
SHA-1A4595
SHA2-224A4595
SHA2-256A4595
SHA2-384A4595
SHA2-512A4595
TLS v1.2 KDF RFC7627 (CVL)A4595

Security Levels (Table 1)

Requirement areaLevel
Cryptographic Module Specification2
Cryptographic Module Interfaces3
Roles, Services, and Authentication4
Software/Firmware Security5
Operational Environment6
Non-Invasive SecurityN/A
Self-Tests1
Life-Cycle Assurance1
Mitigation of Other AttacksN/A

Derived Review-Risk Graph (review prompts, not findings)

flowchart LR
  %% Deterministic review-risk graph for Cisco Firepower Management Center Virtual Cryptographic Module
  %% Review prompts and evidence gaps, NOT vulnerability findings.
  subgraph CMVP["CMVP-disclosed clues"]
    C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>Recovery</i>"]
    C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>SSHv2 Session Encrypt/Decrypt<br/>TLSv1.2 Session Encrypt/Decrypt<br/>SNMPv3 Session Encrypt/Decrypt</i>"]
    C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>HTTPS</i>"]
    C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>linux<br/>application</i>"]
  end
  subgraph Inference["Derived inference"]
    I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
    I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
    I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
    I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
  end
  subgraph Risk["Reviewer question"]
    R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
    R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
    R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
    R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
  end
  subgraph Evidence["Evidence needed to close"]
    E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
    E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
    E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
    E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
  end
  C2 --> I2 --> R2 --> E2
  C3 --> I3 --> R3 --> E3
  C5 --> I5 --> R5 --> E5
  C6 --> I6 --> R6 --> E6
  classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
  classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
  classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
  class C2,C3,C5,C6 clue;
  class I2,I3,I5,I6 infer;
  class R2,R3,R5,R6 risk;
  class E2,E3,E5,E6 evidence;
Underlying clues
flowchart LR
  %% Deterministic clue tier for Cisco Firepower Management Center Virtual Cryptographic Module
  %% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
  subgraph CMVP["CMVP-disclosed clues (deterministic)"]
    C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>Recovery</i><br/>src: text:keyword"]
    C3["[high] Unauthenticated / self-test / status service surface<br/><i>SSHv2 Session Encrypt/Decrypt<br/>TLSv1.2 Session Encrypt/Decrypt<br/>SNMPv3 Session Encrypt/Decrypt</i><br/>src: securityPolicy.services"]
    C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>HTTPS</i><br/>src: text:keyword"]
    C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>linux<br/>application</i><br/>src: text:keyword"]
  end
  classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
  classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
  class C2,C5,C6 clueLow;
  class C3 clueHigh;

Security Policy, page by page

Page 1

Cisco Systems, Inc Cisco Firepower Management Center Virtual Cryptographic Module Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA © 2021-2026 Cisco Systems, Inc. Cisco Systems logo is registered trademark of Cisco Systems, Inc.

Page 2
Table of Contents
#SectionPage
1General5
1.1Overview5
1.2Security Levels5
2Cryptographic Module Specification5
2.1Description5
2.2Tested and Vendor Affirmed Module Version and Identification7
2.3Excluded Components8
2.4Modes of Operation8
2.5Algorithms8
2.6Security Function Implementations10
2.7Algorithm Specific Information15
2.8RBG and Entropy15
2.9Key Generation16
2.10Key Establishment17
2.11Industry Protocols17
3Cryptographic Module Interfaces17
3.1Ports and Interfaces17
4Roles, Services, and Authentication18
4.1Authentication Methods18
4.2Roles18
4.3Approved Services18
4.4Non-Approved Services26
4.5External Software/Firmware Loaded26
4.6Bypass Actions and Status26
4.7Cryptographic Output Actions and Status26
5Software/Firmware Security27
5.1Integrity Techniques27
5.2Initiate on Demand27
6Operational Environment27
6.1Operational Environment Type and Requirements27
7Physical Security27
8Non-Invasive Security27
9Sensitive Security Parameters Management28
9.1Storage Areas28
9.2SSP Input-Output Methods28
9.3SSP Zeroization Methods28
9.4SSPs29
9.5Transitions39
10Self-Tests39
10.1Pre-Operational Self-Tests39
10.2Conditional Self-Tests40
10.3Periodic Self-Test Information43
10.4Error States45
11Life-Cycle Assurance45
11.1Installation, Initialization, and Startup Procedures45
11.2Administrator Guidance46
11.3Non-Administrator Guidance46
12Mitigation of Other Attacks46
Page 4
List of Tables
ItemPage
Table 1: Security Levels5
Table 2: Tested Module Identification – Software, Firmware, Hybrid (Executable Code Sets)7
Table 3: Tested Module Identification – Hybrid Disjoint Hardware7
Table 4: Tested Operational Environments - Software, Firmware, Hybrid7
Table 5: Vendor-Affirmed Operational Environments - Software, Firmware, Hybrid7
Table 6: Modes List and Description8
Table 7: Approved Algorithms9
Table 8: Vendor-Affirmed Algorithms9
Table 9: Security Function Implementations15
Table 10: Entropy Certificates15
Table 11: Entropy Sources16
Table 12: Ports and Interfaces18
Table 13: Roles18
Table 14: Approved Services26
Table 15: Storage Areas28
Table 16: SSP Input-Output Methods28
Table 17: SSP Zeroization Methods29
Table 18: SSP Table 134
Table 19: SSP Table 239
Table 20: Pre-Operational Self-Tests39
Table 21: Conditional Self-Tests43
Table 22: Pre-Operational Periodic Information43
Table 23: Conditional Periodic Information44
Table 24: Error States45
Figure 1 Block Diagram6
Page 5
Security level
NameISO SectionRequirementLevel
11General1
22Cryptographic module specification1
33Cryptographic module interfaces1
44Roles, services, and authentication1
55Software/Firmware security1
66Operational environment1
77Physical security1
88Non-invasive securityN/A
99Sensitive security parameter management1
1010Self-tests1
1111Life-cycle assurance1
1212Mitigation of other attacksN/A
Overall LevelOverall Level1
1.1 Overview

Center Virtual VMware Cryptographic Module (hereinafter referred to as the Module or FMCv) with firmware version 7.4.2. The following details how this module meets the security requirements of FIPS 140-3, SP 800-140 and ISO/IEC 19790 for a Security Level 1 firmware The security requirements cover areas related to the design and implementation of a cryptographic module. These areas include cryptographic module specification; cryptographic indicates the actual security levels for each area of the cryptographic module.

1.2 Security Levels
2.1 Description

Purpose and Use: This module is a multi-chip standalone firmware hybrid cryptographic module deployed as the virtualized version of the Cisco Firepower Management Center with underlying operating system identified as Linux 4 (also referred to as Firepower eXtensible Operating System or FX-OS) throughout this document. The Module’s operational environment is non-modifiable. The module is the administrative nerve center for managing critical Cisco network security solutions. It provides complete and unified management over firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection, quickly and easily go from managing a firewall to controlling applications to investigating and remediating malware outbreaks. It is a key part of the broad and integrated Cisco Secure portfolio, delivering in-depth © 2021-2026 Cisco Systems, Inc.

Page 6

analysis, streamlined security management across the network and cloud, and accelerated incident investigation and response, working across Cisco and third-party technologies. The Firewall Management Center (FMC) discovers real-time information about changing network resources and operations. The Management Center is the centralized point for event and policy management for the following solutions:

Page 7
Module configuration
NameModelOperating SystemHardware PlatformHardware VersionFirmware VersionSoftware VersionProcessorPaa PaiHypervisorPackageIntegrity Test
Cisco_Secure_FW_Mgmt_Center_Virtual300_VMware- 7.4.2-172.tar.gz7.4.2Cisco_Secure_FW_Mgmt_Center_Virtual300_VMware- 7.4.2-172.tar.gzHMAC- SHA2-512
UCS C220 M5S SFF ServerUCS C220 M5S SFF Server1.0VMware ESXi 7.0Intel Xeon Platinum 8160 (Skylake)
Linux 4 (FX- OS)Linux 4 (FX- OS)UCS C220 M5S SFF Server7.4.2Intel Xeon Platinum 8160 (Skylake)YesVMware ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C220 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C220 M7 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C225 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C240 M5 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C240 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C480 M5 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS-E1100D M6 SFF Server w/ESXi 7.0
Module configuration
NameModelOperating SystemHardware PlatformHardware VersionFirmware VersionSoftware VersionProcessorPaa PaiHypervisorPackageIntegrity Test
Cisco_Secure_FW_Mgmt_Center_Virtual300_VMware- 7.4.2-172.tar.gz7.4.2Cisco_Secure_FW_Mgmt_Center_Virtual300_VMware- 7.4.2-172.tar.gzHMAC- SHA2-512
UCS C220 M5S SFF ServerUCS C220 M5S SFF Server1.0VMware ESXi 7.0Intel Xeon Platinum 8160 (Skylake)
Linux 4 (FX- OS)Linux 4 (FX- OS)UCS C220 M5S SFF Server7.4.2Intel Xeon Platinum 8160 (Skylake)YesVMware ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C220 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C220 M7 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C225 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C240 M5 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C240 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C480 M5 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS-E1100D M6 SFF Server w/ESXi 7.0
Module configuration
NameModelOperating SystemHardware PlatformHardware VersionFirmware VersionSoftware VersionProcessorPaa PaiHypervisorPackageIntegrity Test
Cisco_Secure_FW_Mgmt_Center_Virtual300_VMware- 7.4.2-172.tar.gz7.4.2Cisco_Secure_FW_Mgmt_Center_Virtual300_VMware- 7.4.2-172.tar.gzHMAC- SHA2-512
UCS C220 M5S SFF ServerUCS C220 M5S SFF Server1.0VMware ESXi 7.0Intel Xeon Platinum 8160 (Skylake)
Linux 4 (FX- OS)Linux 4 (FX- OS)UCS C220 M5S SFF Server7.4.2Intel Xeon Platinum 8160 (Skylake)YesVMware ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C220 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C220 M7 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C225 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C240 M5 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C240 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C480 M5 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS-E1100D M6 SFF Server w/ESXi 7.0
Module configuration
NameModelOperating SystemHardware PlatformHardware VersionFirmware VersionSoftware VersionProcessorPaa PaiHypervisorPackageIntegrity Test
Cisco_Secure_FW_Mgmt_Center_Virtual300_VMware- 7.4.2-172.tar.gz7.4.2Cisco_Secure_FW_Mgmt_Center_Virtual300_VMware- 7.4.2-172.tar.gzHMAC- SHA2-512
UCS C220 M5S SFF ServerUCS C220 M5S SFF Server1.0VMware ESXi 7.0Intel Xeon Platinum 8160 (Skylake)
Linux 4 (FX- OS)Linux 4 (FX- OS)UCS C220 M5S SFF Server7.4.2Intel Xeon Platinum 8160 (Skylake)YesVMware ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C220 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C220 M7 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C225 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C240 M5 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C240 M6 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS C480 M5 SFF Server w/ESXi 7.0
Linux 4 (FX-OS)Linux 4 (FX-OS)UCS-E1100D M6 SFF Server w/ESXi 7.0
2.2 Tested and Vendor Affirmed Module Version and Identification

Tested Module Identification

Page 8
Approved algorithm
NameCAVP CertPropertiesReference
AES-CBCA4595Key Length - 128, 256SP 800-38A
AES-GCMA4595Key Length - 128, 256SP 800-38D
Counter DRBGA4595Prediction Resistance - Yes Mode - AES-256 Derivation Function Enabled - YesSP 800-90A Rev. 1
ECDSA KeyGen (FIPS186-4)A4595Curve - P-256, P-384, P-521FIPS 186-4
ECDSA SigGen (FIPS186-4)A4595Curve - P-256, P-384, P-521 Hash Algorithm - SHA2-256, SHA2-384, SHA2-512FIPS 186-4
ECDSA SigVer (FIPS186-4)A4595Curve - P-256, P-384, P-521 Hash Algorithm - SHA2-256, SHA2-384, SHA2-512FIPS 186-4
HMAC-SHA-1A4595Key Length - Key Length: 8-524288 Increment 8FIPS 198-1
HMAC-SHA2-224A4595Key Length - Key Length: 8-524288 Increment 8FIPS 198-1
HMAC-SHA2-256A4595Key Length - Key Length: 8-524288 Increment 8FIPS 198-1
HMAC-SHA2-384A4595Key Length - Key Length: 8-524288 Increment 8FIPS 198-1
HMAC-SHA2-512A4595Key Length - Key Length: 8-524288 Increment 8FIPS 198-1
KAS-ECC-SSC Sp800-56Ar3A4595Domain Parameter Generation Methods - P- 256, P-384, P-521SP 800-56A Rev. 3
KAS-FFC-SSC Sp800-56Ar3A4595Domain Parameter Generation Methods - ffdhe2048, ffdhe3072, ffdhe4096, modp-2048, modp-3072, modp-4096SP 800-56A Rev. 3
KDF SNMP (CVL)A4595Password Length - Password Length: 256, 64SP 800-135 Rev. 1
KDF SSH (CVL)A4595Cipher - AES-128, AES-192, AES-256SP 800-135 Rev. 1
RSA KeyGen (FIPS186-4)A4595Modulo - 2048, 3072FIPS 186-4
RSA SigGen (FIPS186-4)A4595Modulo - 2048, 3072FIPS 186-4
RSA SigVer (FIPS186-4)A4595Modulo - 2048, 3072FIPS 186-4
Safe Primes Key GenerationA4595Safe Prime Groups - ffdhe2048, ffdhe3072, ffdhe4096, modp-2048, modp-3072, modp- 4096SP 800-56A Rev. 3
SHA-1A4595Message Length - Message Length: 0-65536 Increment 8FIPS 180-4
SHA2-224A4595Message Length - Message Length: 0-65536 Increment 8FIPS 180-4
SHA2-256A4595Message Length - Message Length: 0-65536 Increment 8FIPS 180-4
SHA2-384A4595Message Length - Message Length: 0-65536 Increment 8FIPS 180-4
SHA2-512A4595Message Length - Message Length: 0-65536 Increment 8FIPS 180-4
TLS v1.2 KDF RFC7627 (CVL)A4595Hash Algorithm - SHA2-256, SHA2-384, SHA2-512SP 800-135 Rev. 1
2.3 Excluded Components

N/A for this module. Modes List and Description: Table 6: Modes List and Description The module has one Approved mode of operation and does not implement a Non-Approved following the steps in section 11 of this document, the module will only operate in the Approved mode of operation. The module doesn’t claim the implementation of a degraded mode

2.5 Algorithms

Approved Algorithms: © 2021-2026 Cisco Systems, Inc.

Page 9
Service
NamePropertiesI
CKGKey Type:AsymmetricN/AThe cryptographic module performs Cryptographic Key Generation (CKG) for asymmetric keys as per sections 4 and 5 in SP800-133rev2 (vendor affirmed) and FIPS 140-3 IG D.H. A seed (i.e., the random value) used in asymmetric key generation is a direct output from SP800-90Arev1 CTR_DRBG (A4595)

Table 7: Approved Algorithms Implementation Reference N/A Table 8: Vendor-Affirmed Algorithms Non-Approved, Allowed Algorithms: © 2021-2026 Cisco Systems, Inc.

Page 10
Service
NameDescriptionApproved FunctionsTypeProperties
KAS-FFC (SSHv2)Full KAS-FFC Key Agreement used for SSHv2 serviceKAS-FFC-SSC Sp800-56Ar3: (A4595) Domain Parameter Generation: MODP-2048, MODP-3072, MODP-4096 Safe Primes Key Generation: (A4595) KDF SSH: (A4595) Counter DRBG: (A4595) CKG: () Key Type: AsymmetricCKG KAS-FullCaveat:Key establishment methodology provides between 112 and 152 bits of security strength IG : IG D.F Path 2, Scenario 2, Split Key Confirmation : No Key Derivation : IG 2.4.B SP 800- 135rev1 CVL
KAS-ECC (SSHv2)Full KAS-ECC Key Agreement used for SSHv2 serviceKAS-ECC-SSC Sp800-56Ar3: (A4595) Curves: P-256, P-384, P-521 KDF SSH: (A4595) Counter DRBG: (A4595) CKG: () Key Type: AsymmetricCKG KAS-FullCaveat:Key establishment methodology provides between 128 and 256 bits of security strength IG : IG D.F Scenario 2, Path 2, Split Key Confirmation : No Key Derivation : IG 2.4.B SP 800- 135rev1 CVL
KAS-FFC (TLSv1.2)Full KAS-FFC Key Agreement used for TLSv1.2 serviceKAS-FFC-SSC Sp800-56Ar3: (A4595) Domain ParameterCKG KAS-FullCaveat:Key establishment methodology provides between 112 and 152 bits

N/A for this module. Non-Approved, Allowed Algorithms with No Security Claimed: N/A for this module. Non-Approved, Not Allowed Algorithms: N/A for this module.

2.6 Security Function Implementations
Page 11
Service
NameDescriptionRole AccessApproved FunctionsType
KAS-ECC (TLSv1.2)Full KAS-ECC Key Agreement used for TLSv1.2 serviceCaveat:Key establishment methodology provides between 128 and 256 bits of security strength IG : IG D.F Scenario 2, Path 2, Split Key Confirmation : No Key Derivation : IG 2.4.B SP 800- 135rev1 CVLKAS-ECC-SSC Sp800-56Ar3: (A4595) Curves: P-256, P-384, P-521 TLS v1.2 KDF RFC7627: (A4595) Counter DRBG: (A4595) CKG: () Key Type: AsymmetricCKG KAS-Full
KTS (SSHv2 with AES and HMAC)KTS via SSHv2 service by using AES and HMACCaveat:Key establishment methodology provides 128 or 256 bits of security strength Standard:SP 800- 38F IG D.G:"combination" method: use any approved symmetric encryption mode together with an approved authentication methodAES-CBC: (A4595) Key Length: 128, 256 HMAC-SHA-1: (A4595) HMAC-SHA2- 256: (A4595) SHA-1: (A4595) SHA2-256: (A4595)KTS-Unwrap KTS-Wrap
KTS (SSHv2 with AES-GCM)KTS via SSHv2 service by using AES-GCMCaveat:Key establishment methodologyAES-GCM: (A4595)KTS-Unwrap KTS-Wrap
Page 12
Sensitive security parameter
NameTypeDescriptionStrengthUse
KTS (TLSv1.2 with AES and HMAC)KTS-Unwrap KTS-WrapKTS via TLSv1.2 service by using AES and HMACAES-CBC: (A4595) Key Length: 128, 256 HMAC-SHA-1: (A4595) HMAC-SHA2- 256: (A4595) HMAC-SHA2- 384: (A4595) SHA-1: (A4595) SHA2-256: (A4595) SHA2-384: (A4595)Caveat:Key establishment methodology provides 128 or 256 bits of security strength Standard:SP 800- 38F IG D.G: "combination" method: use any approved symmetric encryption mode together with an approved authentication method
KTS (TLSv1.2 with AES-GCM)KTS-Unwrap KTS-WrapKTS via TLSv1.2 service by using AES- GCMAES-GCM: (A4595) Key Length: 128, 256Caveat: Key establishment methodology provides 128 or 256 bits of security strength Standard:SP 800- 38F IG D.G:method: use of any approved authenticated symmetric encryption mode
RSA KeyGen (SSHv2, TLSv1.2)AsymKeyPair- KeyGen CKGRSA KeyGen for SSHv2 and TLSv1.2 servicesRSA KeyGen (FIPS186-4): (A4595) Modulus: 2048, 3072 bits Counter DRBG:

AsymKeyPairKeyGen © 2021-2026 Cisco Systems, Inc.

Page 13
Service
NameDescriptionApproved FunctionsType
RSA SigGen (SSHv2, TLSv1.2)RSA SigGen for SSHv2 and TLSv1.2 servicesRSA SigGen (FIPS186-4): (A4595) Modulus: 2048, 3072 bitsDigSig-SigGen
RSA SigVer (SSHv2, TLSv1.2)RSA SigVer for SSHv2 and TLSv1.2 servicesRSA SigVer (FIPS186-4): (A4595) Modulus: 2048, 3072 bitsDigSig-SigVer
ECDSA KeyGen (SSHv2, TLSv1.2)ECDSA KeyGen for SSHv2 and TLSv1.2 servicesECDSA KeyGen (FIPS186-4): (A4595) Curves: P-256, P-384, P-521 Counter DRBG: (A4595) CKG: () Key Type: AsymmetricAsymKeyPair- KeyGen
ECDSA SigGen (SSHv2, TLSv1.2)ECDSA SigGen for SSHv2 and TLSv1.2 servicesECDSA SigGen (FIPS186-4): (A4595) Curves: P-256, P-384, P-521DigSig-SigGen
ECDSA SigVer (SSHv2, TLSv1.2)ECDSA SigVer for SSHv2 and TLSv1.2 servicesECDSA SigVer (FIPS186-4): (A4595) Curves: P-256, P-384, P-521DigSig-SigVer
SSHv2 Session Encrypt/DecryptSSHv2 session protection.AES-CBC: (A4595) Key Length: 128, 256 AES-GCM: (A4595) Key Length: 128, 256BC-Auth BC-UnAuth
SSHv2 Session AuthenticationSSHv2 Session Authentication.SHA-1: (A4595) SHA2-256: (A4595) HMAC-SHA-1: (A4595) HMAC-SHA2- 256: (A4595)MAC
SSHv2 Keying Materials DevelopmentSSHv2 session keying materials, used to derive SSHv2 session keys.KDF SSH: (A4595)KAS-135KDF
TLSv1.2 Session Encrypt/DecryptTLSv1.2 session protection.AES-CBC: (A4595) Key Length: 128, 256 AES-GCM: (A4595) Key Length: 128, 256BC-Auth BC-UnAuth
TLSv1.2 Session AuthenticationTLSv1.2 session authentication.SHA-1: (A4595) SHA2-256: (A4595) SHA2-384: (A4595) HMAC-SHA-1: (A4595) HMAC-SHA2- 256: (A4595) HMAC-SHA2- 384: (A4595)MAC
TLSv1.2 Keying Materials DevelopmentTLSv1.2 session keying materials, used to derive TLS session keys.TLS v1.2 KDF RFC7627: (A4595)KAS-135KDF
SNMPv3 Session Encrypt/DecryptSNMPv3 session protection.AES-CBC: (A4595) Key Length: 128, 256BC-UnAuth
SNMPv3 Session AuthenticationSNMPv3 session authentication.SHA-1: (A4595) SHA2-224: (A4595) SHA2-256: (A4595) SHA2-384: (A4595) HMAC-SHA-1: (A4595) HMAC-SHA2- 224: (A4595) HMAC-SHA2- 256: (A4595) HMAC-SHA2- 384: (A4595)MAC
SNMPv3 Keying Materials DevelopmentSNMPv3 session keying materials, used to derive SNMPv3 session keys.KDF SNMP: (A4595)KAS-135KDF
DRBG FunctionUsed for DRBG generationCounter DRBG: (A4595)DRBG
Page 15

Table 9: Security Function Implementations

2.7 Algorithm Specific Information
2.8 RBG and Entropy

Table 10: Entropy Certificates © 2021-2026 Cisco Systems, Inc.

Page 16
Sensitive security parameter
NameTypeStrengthOperational EnvironmentConditioning Component
Cisco Jitter Entropy SourceNon- Physical256 bitsIntel Xeon Platinum 8160 (Skylake)Full entropyA2810 (SHA3- 256)

NonPhysical Table 11: Entropy Sources A2810 (SHA3256) The module employs a Deterministic Random Bit Generator (DRBG) implementation based on SP800-90Arev1. This DRBG is used internally by the module (e.g. to generate symmetric keys, seeds for asymmetric key pairs, and random numbers for security functions). The DRBG implemented is an AES-256 Counter DRBG, seeded by the entropy source described in the table above. The Counter DRBG utilizes the Derivation Function and employs prediction resistance. The DRBG is instantiated with a 384-bits long entropy input (corresponding to 384 bits of entropy). Additionally, the DRBG is reseeded with a 256-bits long entropy input (corresponding

2.9 Key Generation

The module implements Cryptographic Key Generation (CKG, vendor affirmed), compliant with SP 800- 133r2. When random values are required, they are obtained from the SP 800-90Ar1 approved DRBG, compliant with Section 4 of SP 800-133r2. The following methods are implemented:

Page 17
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
N/AN/AData InputArguments for an API that provide the data to be used for processed by the module.
N/AN/AData OutputArguments output from an API call.
N/AN/AControl InputArguments for an API call used to control and configure module operation.
N/AN/AControl OutputArguments for an API call used to control and configure a connected Approved Cisco Firewall Thread Defense module.
N/AN/AStatus OutputReturn values, and/or log messages.
N/AN/APowerProvide the Power Supply to the module.
2.10 Key Establishment

The module provides the following key/SSP establishment services in the approved mode of KAS-FFC Shared Secret Computation:

7919 (TLS). Note that the module only implements domain parameter generation, key

pair generation and verification, and shared secret computation.

2.11 Industry Protocols

The module supports SSHv2, TLSv1.2 and SNMPv3 industrial protocols. No parts of SSHv2, TLSv1.2 or SNMPv3 protocols, other than the KDFs, have been tested by the CAVP and CMVP. Please refer to SSPs Table for more information.

3 Cryptographic Module Interfaces
3.1 Ports and Interfaces
Page 18
Service
NameDescriptionRole AccessCsps AccessedApproved FunctionsIndicatorTypeInputOutput
Crypto OfficerCrypto OfficerRoleNone
Show StatusProvide Module's current statusCrypto OfficerNoneNoneAPI comman d to show status.Module's current status.
Show VersionProvide Module's name/IDCrypto OfficerNoneNoneAPI commanModule's name "Secure
Service
NameDescriptionRole AccessCsps AccessedApproved FunctionsIndicatorTypeInputOutput
Crypto OfficerCrypto OfficerRoleNone
Show StatusProvide Module's current statusCrypto OfficerNoneNoneAPI comman d to show status.Module's current status.
Show VersionProvide Module's name/IDCrypto OfficerNoneNoneAPI commanModule's name "Secure
and versioning informatio n.and versioning informatio n.d "show version"Firewall Manageme nt Center for VMWare" and versioning information
Perform Self- TestsPerform Self-Tests (Pre- operationa l self-tests and Conditiona l Self- Tests)Crypto OfficerNoneNoneAPI comman ds to conduct on- demand Self- Tests.Status of the self- tests results.
Perform Zeroizati onPerform Zeroizatio n.Crypto Officer - DRBG Entropy Input: Z - DRBG Seed: Z - DRBG Internal State V value: Z - DRBG Key: Z - SSH DH Private Key: Z - SSH DH Public Key: Z - SSH Peer DH Public Key: Z - SSH DH Shared Secret: Z - SSH ECDH Private Key: Z - SSH ECDH Public Key:NoneNoneAPI comman ds to conduct Zeroizati on operation or Power down the tested platform.Status of the SSPs zeroization.

N/A N/A Table 12: Ports and Interfaces The module’s physical perimeter encompasses the case of the tested platform mentioned in Table 2. The module provides its logical interfaces via Application Programming Interface (API) calls. The logical interfaces provided by the module are mapped onto the FIPS 140-3 interfaces (data input, data output, control input, control output and status output) as follows.

4 Roles, Services, and Authentication
4.2 Roles

Table 13: Roles The module supports Crypto Officer (CO) role. The module does not allow concurrent operators. The Crypto Officer is implicitly assumed based on the service requested.

4.3 Approved Services

The following tables detail the types of approved services available to each role in approved mode of operation, the types of access for each role and the Keys or SSPs they affect.

Page 19

SelfTests n n. (Preoperationa l SelfTests) n. ondemand SelfTests. the selftests © 2021-2026 Cisco Systems, Inc. Z Z Z

Page 20
Service
NameCsps AccessedDescriptioSecurity
nAccessnFunctions
Page 21
Service
NameDescriptionCsps AccessedApproved FunctionsIndicatorInputOutput
Configur e NetworkSets configurati on of the systems.Crypto OfficerNoneNoneAPI comman ds to configure the module.Status of the completion of network related configuratio n.
Configur e SSHv2 FunctionConfigure SSHv2 FunctionCrypto Officer - SSH RSA Private Key: G,W,E - SSH RSA Public Key: G,R,W - SSH ECDSA Private Key: G,W,E - SSH ECDSA Public Key: G,R,W - DRBG Entropy Input: G,W,E - DRBG Seed: G,W,E - DRBG Internal State V value: G,W,E - DRBG Key: G,W,EKTS (SSHv2 with AES and HMAC) KTS (SSHv2 with AES- GCM) RSA KeyGen (SSHv2, TLSv1.2) ECDSA KeyGen (SSHv2, TLSv1.2) DRBG FunctionGlobal Indicator and SSHv2 configurati on success status message.API comman ds to configure SSHv2.Status of the completion of SSHv2 configuratio n.
Configur e HTTPS over TLSv1.2 FunctionConfigure HTTPS over TLSv1.2 Function.Crypto Officer - TLS RSA Private Key: G,W,E - TLS RSA Public Key: G,R,W - TLS ECDSA Private Key: G,W,E - TLS ECDSA Public Key: G,R,W - DRBG Entropy Input:KTS (TLSv1.2 with AES and HMAC) KTS (TLSv1.2 with AES- GCM) RSA KeyGen (SSHv2, TLSv1.2) ECDSA KeyGen (SSHv2, TLSv1.2) DRBG FunctionGlobal Indicator and HTTPS over TLSv1.2 configurati on success status message.API comman ds to configure HTTPS over TLSv1.2Status of the completion of HTTPS over TLSv1.2 configuratio n.
Configur e SNMPv3 FunctionConfigure SNMPv3 FunctionCrypto Officer - SNMPv3 Authenticati on/ Privacy Password: W,E - SNMPv3 Encryption Key: G,W,E - SNMPv3 Authenticati on Key: G,W,EKTS (TLSv1.2 with AES and HMAC) KTS (TLSv1.2 with AES- GCM) SNMPv3 Keying Materials DevelopmentGlobal Indicator and SNMPv3 configurati on on success status message.API comman ds to configure SNMPv3.Status of the completion of SNMPv3 configuratio n.
Run SSHv2 FunctionExecute SSHv2 FunctionCrypto Officer - SSH DH Private Key: G,W,E - SSH DH Public Key: G,R,W - SSH Peer DH Public Key: W,E - SSH DH Shared Secret: G,W,E - SSH ECDH Private Key: G,W,E - SSH ECDH Public Key: G,R,W - SSH PeerKAS-FFC (SSHv2) KAS-ECC (SSHv2) KTS (SSHv2 with AES and HMAC) KTS (SSHv2 with AES- GCM) RSA SigGen (SSHv2, TLSv1.2) RSA SigVer (SSHv2, TLSv1.2) ECDSA SigGen (SSHv2, TLSv1.2) ECDSA SigVer (SSHv2, TLSv1.2)Global Indicator and Successful SSHv2 log message.API comman ds to execute SSHv2 service.Status of SSHv2 secure tunnel establishme nt.
SSHv2 Session Encrypt/Decr ypt SSHv2 Session Authenticatio n SSHv2 Keying Materials Development DRBG FunctionECDH Public Key: W,E - SSH ECDH Shared Secret: G,W,E - SSH RSA Private Key: G,W,E - SSH RSA Public Key: G,R,W - SSH ECDSA Private Key: G,W,E - SSH ECDSA Public Key: G,R,W - SSH Session Encryption Key: G,W,E - SSH Session Authenticati on Key: G,W,E - DRBG Entropy Input: G,W,E - DRBG Seed: G,W,E - DRBG Internal State V value: G,W,E - DRBG Key: G,W,ESSHv2 Session Encrypt/Decr ypt SSHv2 Session Authenticatio n SSHv2 Keying Materials Development DRBG Function
Run HTTPS overExecute HTTPS overCrypto Officer - TLS DH Private Key:KAS-FFC (TLSv1.2) KAS-ECC (TLSv1.2)Global Indicator and SuccessfulAPI comman d to executeStatus of HTTPS over TLSv1.2
TLSv1.2 FunctionTLSv1.2 Function.G,W,E - TLS DH Public Key: G,R,W - TLS Peer DH Public Key: W,E - TLS DH Shared Secret: G,W,E - TLS ECDH Private Key: G,W,E - TLS ECDH Public Key: G,R,W - TLS Peer ECDH Public Key: W,E - TLS ECDH Shared Secret: G,W,E - TLS RSA Private Key: G,W,E - TLS RSA Public Key: G,R,W - TLS ECDSA Private Key: G,W,E - TLS ECDSA Public Key: G,R,W - TLS Master Secret: G,W,E - TLS Session Encryption Key: G,W,E - TLS SessionKTS (SSHv2 with AES and HMAC) KTS (SSHv2 with AES- GCM) RSA SigGen (SSHv2, TLSv1.2) RSA SigVer (SSHv2, TLSv1.2) ECDSA SigGen (SSHv2, TLSv1.2) ECDSA SigVer (SSHv2, TLSv1.2) TLSv1.2 Session Encrypt/Decr ypt TLSv1.2 Session Authenticatio n TLSv1.2 Keying Materials Development DRBG FunctionHTTPS over TLSv1.2 log message.HTTPS over TLSv1.2 service.establishme nt.
Run SNMPv3 FunctionExecute SNMPv3 Function.Crypto Officer - SNMPv3 Authenticati on/ Privacy Password: W,E - SNMPv3 Encryption Key: G,W,E - SNMPv3 Authenticati on Key: G,W,ESNMPv3 Session Encrypt/Decr ypt SNMPv3 Session Authenticatio n SNMPv3 Keying Materials DevelopmentGlobal Indicator and Successful SNMPv3 log message.API comman d to execute SNMPv3 service.Status of SNMPv3 service.
Page 22

n n. n. © 2021-2026 Cisco Systems, Inc. with AESGCM) with AESGCM) G,W,E G,R,W G,W,E G,R,W G,W,E G,W,E G,W,E G,W,E G,R,W G,W,E G,R,W

Page 23

n e n. with AESGCM) with AESGCM) © 2021-2026 Cisco Systems, Inc. G,W,E G,W,E G,W,E W,E G,W,E G,W,E G,R,W G,W,E G,W,E G,R,W

Page 25

n © 2021-2026 Cisco Systems, Inc. with AESGCM) n G,W,E G,R,W G,W,E G,W,E G,R,W W,E G,W,E G,W,E G,R,W G,W,E G,R,W G,W,E

Page 26
4.4 Non-Approved Services
4.5 External Software/Firmware Loaded
4.6 Bypass Actions and Status
4.7 Cryptographic Output Actions and Status
Page 27
5 Software/Firmware Security
5.1 Integrity Techniques

The module is provided in the form of binary executable code. To ensure the firmware security, the module is protected by HMAC-SHA2-512 (HMAC Certs. #A4595) algorithm. The firmware integrity test key (non-SSP) was preloaded to the module’s binary the factory and used for firmware integrity test only at the pre-operational self-test. At Module’s initialization, the integrity of the runtime executable is verified using a HMAC-SHA2-512 digest which is compared to a value computed at build time. If at the load time the MAC does not match the stored, known MAC value, the module would enter to an Error state with all crypto functionality inhibited.

5.2 Initiate on Demand

Integrity test is performed as part of the Pre-Operational Self-Tests. It is automatically executed at power-on. The operator can power-cycle or reboot the tested platform to initiate the firmware integrity test on-demand.

6 Operational Environment
6.1 Operational Environment Type and Requirements

Type of Operational Environment: Non-Modifiable The module is a firmware hybrid module, which is operated in a non-modifiable operational environment per FIPS 140-3 level 1 specifications. The module’s firmware version running on each tested platform is 7.4.2. The module has control over its own SSPs. The process and memory management functionality of the host device’s OS prevent unauthorized access to plaintext private and secret keys, intermediate key generation values and other SSPs by external processes during module execution. The module only allows access to SSPs through its well-defined API. The operational environments provide the capability to separate individual application processes from each other by preventing uncontrolled access to CSPs and uncontrolled modifications of SSPs regardless of whether this data is in the process memory or stored on persistent storage within the operational environment. Processes that are spawned by the module are owned by the module and are not owned by external processes/operators.

7 Physical Security

The module is running on the multi-chip standalone production grade platform to meet physical security requirements from FIPS 140-3 level

  1. The module’s Tested Operational Environment’s Physical Perimeter (TOEPP) is drawn at the casing of the tested platforms in Table
  2. The module’s tested platforms consist of production-grade components.
8 Non-Invasive Security

N/A for this module. © 2021-2026 Cisco Systems, Inc.

Page 28
Sensitive security parameter
NameTypeDescription
DRAMDynamicVolatile memory provided by the ESXi host for the module temporary.
FlashStaticNon-Volatile memory provided by the ESXi host for the module to retain memory across power-cycles.
Service
NameApproved FunctionsTypeFromTo
Peer Public Key InputPlaintextExternal (Outside of the TOEPP)TOEPPAutomatedElectronic
Module Public Key OutputPlaintextTOEPPExternal (Outside of the TOEPP)AutomatedElectronic
Secret Input via SSHv2 encrypted by GCMKTS (SSHv2 with AES- GCM)EncryptedExternal (Outside of the TOEPP)TOEPPAutomatedElectronic
Secret Input via SSHv2 encrypted by AES and HMACKTS (SSHv2 with AES and HMAC)EncryptedExternal (Outside of the TOEPP)TOEPPAutomatedElectronic
Secret Input via TLS encrypted by GCMKTS (TLSv1.2 with AES- GCM)EncryptedExternal (Outside of the Module's Boundary)TOEPPAutomatedElectronic
Secret Input via TLS encrypted by AES and HMACKTS (TLSv1.2 with AES and HMAC)EncryptedExternal (Outside of the Module's Boundary)TOEPPAutomatedElectronic
9 Sensitive Security Parameters Management
9.1 Storage Areas
9.2 SSP Input-Output Methods

with AESGCM) with AESGCM) Table 16: SSP Input-Output Methods

9.3 SSP Zeroization Methods
Page 29
Sensitive security parameter
NameTypeDescriptionStrengthGenerationEstablishmentZeroizationUseOperator Initiation Delete the virtual machine from the VMware ESXi host.
Session termination will automatically zeroize all session based temporary SSPsZeroization upon session terminationSession TerminationTerminate session
Reboot to zeroize all temporary SSPs stored in volatile memoryZeroization upon rebooting the moduleRebootReboot
DRBG Entropy InputEntropy Input - CSPUsed to seed the DRBG384 bits - at least 256 bitsDRBG Function
DRBG SeedDRBG Seed - CSPUsed in DRBG Generation256 bits - 256 bitsDRBG Function
DRBG Internal State V valueDRBG Internal State V value - CSPUsed in DRBG Generation256 bits - 256 bitsDRBG Function
DRBG KeyDRBG Key - CSPUsed in DRBG Generation256 bits - 256 bitsDRBG Function
SSH DH Private KeyPrivate Key - CSPUsed to derive the SSH DH Shared SecretMODP- 2048, MODP- 3072, MODP- 4096 - 112 to 152 bitsKAS- FFC (SSHv2)KAS-FFC (SSHv2)
SSH DH Public KeyPublic Key - PSPUsed to derive SSH DH Shared SecretMODP- 2048, MODP- 3072, MODP- 4096 - 112 to 152 bitsKAS-FFC (SSHv2)
Sensitive security parameter
NameTypeDescriptionStrengthGenerationEstablishmentStorageZeroizationUseOperator Initiation Delete the virtual machine from the VMware ESXi host.Related SSPs
Session termination will automatically zeroize all session based temporary SSPsZeroization upon session terminationSession TerminationTerminate session
Reboot to zeroize all temporary SSPs stored in volatile memoryZeroization upon rebooting the moduleRebootReboot
DRBG Entropy InputEntropy Input - CSPUsed to seed the DRBG384 bits - at least 256 bitsDRBG Function
DRBG SeedDRBG Seed - CSPUsed in DRBG Generation256 bits - 256 bitsDRBG Function
DRBG Internal State V valueDRBG Internal State V value - CSPUsed in DRBG Generation256 bits - 256 bitsDRBG Function
DRBG KeyDRBG Key - CSPUsed in DRBG Generation256 bits - 256 bitsDRBG Function
SSH DH Private KeyPrivate Key - CSPUsed to derive the SSH DH Shared SecretMODP- 2048, MODP- 3072, MODP- 4096 - 112 to 152 bitsKAS- FFC (SSHv2)KAS-FFC (SSHv2)
SSH DH Public KeyPublic Key - PSPUsed to derive SSH DH Shared SecretMODP- 2048, MODP- 3072, MODP- 4096 - 112 to 152 bitsKAS-FFC (SSHv2)
SSH Peer DH Public KeyPublic Key - PSPUsed to derive SSH DH Shared SecretMODP- 2048, MODP- 3072, MODP- 4096 - 112 to 152 bitsKAS-FFC (SSHv2)
SSH DH Shared SecretShared Secret - CSPUsed to derive SSH Session Encryption Keys, SSH Session Authenticati on KeysMODP- 2048, MODP- 3072, MODP- 4096 - 112 to 152 bitsKAS-FFC (SSHv2)SSHv2 Keying Materials Development
SSH ECDH Private KeyPrivate Key - CSPUsed to derive the SSH ECDH Shared SecretCurves: P-256, P-384, P-521 - 128 to 256 bitsKAS- ECC (SSHv2)KAS-ECC (SSHv2)
SSH ECDH Public KeyPublic Key - PSPUsed to derive the SSH ECDH Shared SecretCurves: P-256, P-384, P-521 - 128 to 256 bitsKAS-ECC (SSHv2)
SSH Peer ECDH Public KeyPublic Key - PSPUsed to derive SSH DH Shared SecretCurves: P-256, P-384, P-521 - 128 to 256 bitsKAS-ECC (SSHv2)
SSH ECDH Shared SecretShared Secret - CSPUsed to derive SSH Session Encryption Keys, SSH Session Authenticati on KeysCurves: P-256, P-384, P-521 - 128 to 256 bitsKAS-ECC (SSHv2)SSHv2 Keying Materials Development
SSH RSA Private KeyPrivate Key - CSPUsed for SSH session authenticati onModulus 2048 and 3072 bits -RSA KeyGen (SSHv2, TLSv1.2)RSA SigGen (SSHv2, TLSv1.2)
SSH RSA Public KeyPublic Key - PSPUsed for SSH session authenticati onModulus 2048 and 3072 bits - 112 or 128 bitsRSA KeyGen (SSHv2, TLSv1.2)
SSH ECDSA Private KeyPrivate Key - CSPUsed for SSH session authenticati onCurves: P-256, P-384, P-521 - 128 to 256 bitsECDSA KeyGen (SSHv2, TLSv1.2)ECDSA SigGen (SSHv2, TLSv1.2)
SSH ECDSA Public KeyPublic Key - PSPUsed for SSH session authenticati onCurves: P-256, P-384, P-521 - 128 to 256 bitsECDSA SigGen (SSHv2, TLSv1.2)
SSH Session Encryption KeySymmetric Key - CSPUsed for SSH session confidentiali ty protection128, 256 bits - 128, 256 bitsSSHv2 Keying Materials Developm entSSHv2 Session Encrypt/Decr ypt
SSH Session Authenticati on KeySession Key - CSPUsed for SSH Session integrity protectionAt least 160 bits - At least 160 bitsSSHv2 Keying Materials Developm entSSHv2 Session Authenticatio n
TLS DH Private KeyPrivate Key - CSPUsed to Derive TLS DH Shared Secretffdhe204 8, ffdhe307 2, ffdhe409 6 - 112 to 152 bitsKAS- FFC (TLSv1.2 )KAS-FFC (TLSv1.2)
TLS DH Public KeyPublic Key - PSPUsed to Derive TLS DH Shared Secretffdhe204 8, ffdhe307 2, ffdhe409 6 - 112KAS-FFC (TLSv1.2)
TLS Peer DH Public KeyPublic Key - PSPUsed to derive TLS DH Shared Secretffdhe204 8, ffdhe307 2, ffdhe409 6 - 112 to 152 bitsKAS-FFC (TLSv1.2)
TLS DH Shared SecretShared Secret - CSPUsed to Derive TLS Session Encryption Key and TLS Session Authenticati on Keyffdhe204 8, ffdhe307 2, ffdhe409 6 - 112 to 152 bitsKAS-FFC (TLSv1.2)TLSv1.2 Keying Materials Development
TLS ECDH Private KeyPrivate Key - CSPUsed to Derive TLS ECDH Shared SecretCurves: P-256, P-384, P-521 - 128 to 256 bitsKAS- ECC (TLSv1.2 )KAS-ECC (TLSv1.2)
TLS ECDH Public KeyPublic Key - PSPUsed to Derive TLS ECDH Shared SecretCurves: P-256, P-384, P-521 - 128 to 256 bitsKAS-ECC (TLSv1.2)
TLS Peer ECDH Public KeyPublic Key - PSPUsed to derive TLS ECDH Shared SecretCurves: P-256, P-384, P-521 - 128 to 256 bitsKAS-ECC (TLSv1.2)
TLS ECDH Shared SecretShared Secret - CSPUsed to Derive TLS Session Encryption Key and TLS Session Authenticati on KeyCurves: P-256, P-384, P-521 - 128 to 256 bitsKAS-ECC (TLSv1.2)TLSv1.2 Keying Materials Development
TLS RSA Private KeyPrivate Key - CSPUsed to support CO HTTPS interfacesModulus 2048 and 3072 bits - 112 or 128 bitsRSA KeyGen (SSHv2, TLSv1.2)RSA SigGen (SSHv2, TLSv1.2)
TLS RSA Public KeyPublic Key - PSPUsed to support CO HTTPS interfacesModulus 2048 and 3072 bits - 112 or 128 bitsRSA KeyGen (SSHv2, TLSv1.2)
TLS ECDSA Private KeyPrivate Key - CSPUsed to support CO HTTPS interfacesCurves: P-256, P-384, P-521 - 128 to 256 bitsECDSA KeyGen (SSHv2, TLSv1.2)ECDSA SigGen (SSHv2, TLSv1.2)
TLS ECDSA Public KeyPublic Key - PSPUsed to support CO HTTPS interfacesCurves: P-256, P-384, P-521 - 128 to 256 bitsECDSA KeyGen (SSHv2, TLSv1.2)
TLS Master SecretMaster Secret - CSPUsed to protect HTTPS Session384 bits - 384 bitsTLSv1.2 Keying Materials Developm entTLSv1.2 Session Encrypt/Decr ypt TLSv1.2 Session Authenticatio n
TLS Session Encryption KeySymmetric Key - CSPUsed to protect HTTPS Session128, 256 bits - 128, 256 bitsTLSv1.2 Keying Materials Developm entTLSv1.2 Session Encrypt/Decr ypt
TLS Session Authenticati on KeyMessage Authenticati on Key - CSPUsed to authenticat e HTTPS Session160, 256, 384 bits - 160, 256, 384 bitsTLSv1.2 Keying Materials Developm entTLSv1.2 Session Authenticatio n
SNMPv3 AuthenticatiAuthenticati onUsed for SNMPv38-32 characte
on/ Privacy PasswordPassword - CSPuser authenticati onrs - 64 to 256 bits
SNMPv3 Encryption KeySymmetric Key - CSPUsed for SNMPv3 confidentiali ty128, 256 bits - 128 or 256 bitsSNMPv3 Keying Materials Developm entSSHv2 Session Encrypt/Decr ypt
SNMPv3 Authenticati on KeyAuthenticati on key - CSPUsed for SNMPv3 authenticati onAt least 160 bits - At least 160 bitsSNMPv3 Keying Materials Developm entSNMPv3 Session Authenticatio n
DRBG Entropy InputDRAM:PlaintextZeroization Command RebootUntil RebootDRBG Seed:Used With DRBG Internal State V value:Used With DRBG Key:Used With
DRBG SeedDRAM:PlaintextZeroization Command RebootUntil RebootDRBG Entropy Input:Used With DRBG Internal State V value:Used With DRBG Key:Used With
DRBG Internal State V valueDRAM:PlaintextZeroization Command RebootUntil RebootDRBG Entropy Input:Used With DRBG Seed:Used With DRBG Key:Used With
DRBG KeyDRAM:PlaintextZeroization Command RebootUntil RebootDRBG Entropy Input:Used With DRBG Seed:Used With DRBG Internal State V value:Used With
SSH DH Private KeyDRAM:PlaintextZeroization Command SessionWhile SSHSSH DH Public Key:Paired With SSH Peer DH

Table 17: SSP Zeroization Methods n h MODP2048, MODP3072, MODP2048, MODP3072, © 2021-2026 Cisco Systems, Inc. KASFFC

Page 30

n h MODP2048, MODP3072, MODP2048, MODP3072, © 2021-2026 Cisco Systems, Inc. KASECC

Page 31

n h n 8, 2, 8, 2, © 2021-2026 Cisco Systems, Inc. KASFFC )

Page 32

n h 8, 2, 8, 2, © 2021-2026 Cisco Systems, Inc. KASECC )

Page 34
Sensitive security parameter
NameTypeDescriptionStrengthEstablishmentStorageZeroizationUseRelated SSPs
on/ Privacy PasswordPassword - CSPuser authenticati onrs - 64 to 256 bits
SNMPv3 Encryption KeySymmetric Key - CSPUsed for SNMPv3 confidentiali ty128, 256 bits - 128 or 256 bitsSNMPv3 Keying Materials Developm entSSHv2 Session Encrypt/Decr ypt
SNMPv3 Authenticati on KeyAuthenticati on key - CSPUsed for SNMPv3 authenticati onAt least 160 bits - At least 160 bitsSNMPv3 Keying Materials Developm entSNMPv3 Session Authenticatio n
DRBG Entropy InputDRAM:PlaintextZeroization Command RebootUntil RebootDRBG Seed:Used With DRBG Internal State V value:Used With DRBG Key:Used With
DRBG SeedDRAM:PlaintextZeroization Command RebootUntil RebootDRBG Entropy Input:Used With DRBG Internal State V value:Used With DRBG Key:Used With
DRBG Internal State V valueDRAM:PlaintextZeroization Command RebootUntil RebootDRBG Entropy Input:Used With DRBG Seed:Used With DRBG Key:Used With
DRBG KeyDRAM:PlaintextZeroization Command RebootUntil RebootDRBG Entropy Input:Used With DRBG Seed:Used With DRBG Internal State V value:Used With
SSH DH Private KeyDRAM:PlaintextZeroization Command SessionWhile SSHSSH DH Public Key:Paired With SSH Peer DH

n h Table 18: SSP Table 1 n © 2021-2026 Cisco Systems, Inc.

Page 35
Sensitive security parameter
NameStorageZeroizationUseInputSession is active
SSH DH Public KeyDRAM:PlaintextZeroization Command Session Termination RebootSSH DH Private Key:Paired WithModule Public Key OutputWhile SSH session is active
SSH Peer DH Public KeyDRAM:PlaintextZeroization Command Session Termination RebootSSH DH Private Key:Used WithPeer Public Key InputWhile SSH session is active
SSH DH Shared SecretDRAM:PlaintextZeroization Command Session Termination RebootSSH DH Private Key:Derived From SSH Peer DH Public Key:Derived FromWhile SSH session is active
SSH ECDH Private KeyDRAM:PlaintextZeroization Command Session Termination RebootSSH ECDH Public Key:Paired With SSH Peer ECDH Public Key:Used WithWhile SSH session is active
SSH ECDH Public KeyDRAM:PlaintextZeroization Command Session Termination RebootSSH ECDH Private Key:Paired WithModule Public Key OutputWhile SSH session is active
SSH Peer ECDH Public KeyDRAM:PlaintextZeroization Command Session Termination RebootSSH ECDH Private Key:Used WithPeer Public Key InputWhile SSH session is active
SSH ECDH Shared SecretDRAM:PlaintextZeroization Command Session Termination RebootSSH ECDH Private Key:Derived From SSH Peer ECDH Public Key:Derived FromWhile SSH session is active
SSH RSA Private KeyFlash:PlaintextZeroization CommandSSH RSA Public Key:Paired With
SSH RSA Public KeyFlash:PlaintextZeroization CommandSSH RSA Private Key:Paired WithModule Public Key Output Secret Input via SSHv2 encrypted
SSH ECDSA Private KeyFlash:PlaintextZeroization CommandSSH ECDSA Public Key:Paired With
SSH ECDSA Public KeyFlash:PlaintextZeroization CommandSSH ECDSA Private Key:Paired WithModule Public Key Output Secret Input via SSHv2 encrypted by GCM Secret Input via SSHv2 encrypted by AES and HMAC
SSH Session Encryption KeyDRAM:PlaintextZeroization Command Session Termination RebootSSH Session Authentication Key:Used WithWhile SSH session is active
SSH Session Authentication KeyDRAM:PlaintextZeroization Command Session Termination RebootSSH Session Encryption Key:Used WithWhile SSH session is active
TLS DH Private KeyDRAM:PlaintextZeroization Command Session Termination RebootTLS DH Public Key:Paired With TLS Peer DH Public Key:Used WithWhile TLS session is active
TLS DH Public KeyDRAM:PlaintextZeroization Command Session Termination RebootTLS DH Private Key:Paired WithModule Public Key OutputWhile TLS session is active
TLS Peer DH Public KeyDRAM:PlaintextZeroization Command Session Termination RebootTLS DH Private Key:Used WithPeer Public Key InputWhile TLS session is active
TLS DH Shared SecretDRAM:PlaintextZeroization Command Session Termination RebootTLS DH Private Key:Derived From TLS Peer DH Public Key:Derived FromWhile TLS session is active
TLS ECDH Private KeyDRAM:PlaintextZeroization Command Session Termination RebootTLS ECDH Public Key:Paired With TLS Peer ECDH Public Key:Used WithWhile TLS session is active
TLS ECDH Public KeyDRAM:PlaintextZeroization Command Session Termination RebootTLS ECDH Private Key:Paired WithModule Public Key OutputWhile TLS session is active
TLS Peer ECDH Public KeyDRAM:PlaintextZeroization Command Session Termination RebootTLS ECDH Private Key:Used WithPeer Public Key InputWhile TLS session is active
TLS ECDH Shared SecretDRAM:PlaintextZeroization Command Session Termination RebootTLS ECDH Private Key:Derived From TLS Peer ECDH Public Key:Derived FromWhile TLS session is active
TLS RSA Private KeyFlash:PlaintextZeroization CommandTLS RSA Public Key:Paired With
TLS RSA Public KeyFlash:PlaintextZeroization CommandTLS RSA Private Key:Paired WithModule Public Key Output Secret Input via TLS encrypted by GCM Secret Input via TLS encrypted by AES and HMAC
TLS ECDSA Private KeyFlash:PlaintextZeroization CommandTLS ECDSA Public Key:Paired With
TLS ECDSA Public KeyFlash:PlaintextZeroization CommandTLS ECDSA Private Key:Paired WithModule Public Key Output Secret Input via TLS encrypted by GCM Secret Input via TLS encrypted by AES and HMAC
TLS Master SecretDRAM:PlaintextZeroization Command Session Termination RebootTLS DH Shared Secret:Derived From TLS ECDH Shared Secret:Derived FromWhile TLS session is active
TLS Session Encryption KeyDRAM:PlaintextZeroization Command Session Termination RebootTLS Session Authentication Key:Used With TLS Master Secret:Derived FromWhile TLS session is active
TLS Session Authentication KeyDRAM:PlaintextZeroization Command Session Termination RebootTLS Session Encryption Key:Used With TLS Master Secret:Derived FromWhile TLS session is active
SNMPv3 Authentication/ Privacy PasswordFlash:PlaintextZeroization CommandSNMPv3 Encryption Key:Derived to SNMPv3 Authentication Key:Derived toSecret Input via TLS encrypted by GCM Secret Input via TLS encrypted by AES
SNMPv3 Encryption KeyDRAM:PlaintextZeroization Command Session Termination RebootSNMPv3 Authentication/ Privacy Password:Derived From SNMPv3 Authentication Key:Used WithWhile SNMP session is active
SNMPv3 Authentication KeyDRAM:PlaintextZeroization Command Session Termination RebootSNMPv3 Authentication/ Privacy Password:Derived From SNMPv3 Encryption Key:Used WithWhile SNMP session is active
Page 39
Self test
NameAlgorithm Or TestTest MethodTest TypeDetailsTest PropertiesIndicator
HMAC-SHA2- 512 (A4595)HMAC-SHA2- 512 (A4595)KATSW/FW IntegrityHMAC- SHA2-512MAC with HMAC- SHA2-512Module is in normal state
9.5 Transitions

SHA-1 The module includes an implementation of SHA-1 for hashing and digital signature verification. This implementation will be non-Approved for all uses starting January 1, 2031 FIPS 186-4/186-5 As of February 5, 2024, the CMVP does not accept module submissions that implement DSA or RSA X9.31 in the approved mode, other than for signature verification which is approved for legacy use. This module does not implement DSA or RSA X9.31 for signature generation and therefore is unaffected by the current transition from 186-4 to 186-5. As detailed in section 2.7, the CAVP testing performed on the 186-4 algorithms is mathematically similar to the testing performed on the 186-5 algorithms and therefore this module claims compliance with 186-5. This means that no timeline exists in which any of the implemented algorithms will transition from approved to non-approved.

10 Self-Tests
10.1 Pre-Operational Self-Tests

Table 20: Pre-Operational Self-Tests © 2021-2026 Cisco Systems, Inc. HMACSHA2-512

Page 40
Self test
NameAlgorithm Or TestTest MethodTest TypePeriodPeriodic MethodDetailsIndicat orCondition s
AES-CBC encrypt KAT (A4595)AES-CBC encrypt KAT (A4595)KATCAS TEncrypt256 bitsModule is in normal statePower up
AES-CBC decrypt KAT (A4595)AES-CBC decrypt KAT (A4595)KATCAS TDecrypt256 bitsModule is in normal statePower up
AES-GCM authenticated encrypt KAT (A4595)AES-GCM authenticated encrypt KAT (A4595)KATCAS TAuthenticat ed Encrypt256 bitsModule is in normal statePower up
AES-GCM authenticated decrypt KAT (A4595)AES-GCM authenticated decrypt KAT (A4595)KATCAS TAuthenticat ed Decrypt256 bitsModule is in normal statePower up
Counter DRBG Instantiate/Generate/Res eed KAT (A4595)Counter DRBG Instantiate/Generate/Res eed KAT (A4595)KATCAS TInstantiate, Generate, and Reseed KATsAES-128Module is in normal statePower up
ECDSA SigGen (FIPS186-4) KAT (A4595)ECDSA SigGen (FIPS186-4) KAT (A4595)KATCAS TECDSA SigGen KATCurve P- 256 with SHA2- 256Module is in normal statePower up
ECDSA SigVer (FIPS186-4) KAT (A4595)ECDSA SigVer (FIPS186-4) KAT (A4595)KATCAS TECDSA SigVer KATCurve P- 256 with SHA2- 256Module is in normal statePower up
Entropy Source RCT Start-up Health TestsEntropy Source RCT Start-up Health TestsRCTCAS TN/ARepetitio n Count Test (RCT)Module is in normal statePower up
Entropy Source APT Start-up Health TestsEntropy Source APT Start-up Health TestsAPTCAS TN/AAdaptive Proportio n Test (APT)Module is in normal statePower up
Entropy Source RCT Continuous Health TestsEntropy Source RCT Continuous Health TestsRCTCAS TN/ARepetitio n Count Test (RCT)Module is in normal statePerformed continuous ly as entropy source is active
Entropy Source APT Continuous Health TestsEntropy Source APT Continuous Health TestsAPTCAS TN/AAdaptive Proportio n Test (APT)Module is in normal statePerformed continuous ly as entropy source is active
HMAC-SHA-1 KAT (A4595)HMAC-SHA-1 KAT (A4595)KATCAS TN/ASHA-1Module is in normal statePower up
HMAC-SHA2-224 KAT (A4595)HMAC-SHA2-224 KAT (A4595)KATCAS TN/ASHA2- 224Module is in normal statePower up
HMAC-SHA2-256 KAT (A4595)HMAC-SHA2-256 KAT (A4595)KATCAS TN/ASHA2- 256Module is in normal statePower up
HMAC-SHA2-384 KAT (A4595)HMAC-SHA2-384 KAT (A4595)KATCAS TN/ASHA2- 384Module is in normal statePower up
HMAC-SHA2-512 KAT (A4595)HMAC-SHA2-512 KAT (A4595)KATCAS TN/ASHA2- 512Module is in normal statePower up
KAS-ECC-SSC Sp800- 56Ar3 KAT (A4595)KAS-ECC-SSC Sp800- 56Ar3 KAT (A4595)KATCAS TPrimitive Z KATCurve P- 256Module is in normal statePower up
KAS-FFC-SSC Sp800- 56Ar3 KAT (A4595)KAS-FFC-SSC Sp800- 56Ar3 KAT (A4595)KATCAS TPrimitive Z KATMODP- 2048Module is in normal statePower up
KDF SNMP KAT (A4595)KDF SNMP KAT (A4595)KATCAS TN/AN/AModule is inPower up
KDF SSH KAT (A4595)KDF SSH KAT (A4595)KATCAS TN/AN/AModule is in normal statePower up
RSA SigGen (FIPS186-4) KAT (A4595)RSA SigGen (FIPS186-4) KAT (A4595)KATCAS TRSA SigGen KAT2048 bit modulus with SHA2- 256Module is in normal statePower up
RSA SigVer (FIPS186-4) KAT (A4595)RSA SigVer (FIPS186-4) KAT (A4595)KATCAS TRSA SigVer KAT2048 bit modulus with SHA2- 256Module is in normal statePower up
TLS v1.2 KDF RFC7627 KAT (A4595)TLS v1.2 KDF RFC7627 KAT (A4595)KATCAS TN/AN/AModule is in normal statePower up
ECDSA KeyGen (FIPS186-4) PCT (A4595)ECDSA KeyGen (FIPS186-4) PCT (A4595)PCTPCTECDSACurve P- 256 with SHA2- 256Module is in normal statePerforms all required pair-wise consistenc y tests on the newly generated key pairs before the first operational use.
KAS-ECC-SSC Sp800- 56Ar3 PCT (A4595)KAS-ECC-SSC Sp800- 56Ar3 PCT (A4595)PCTPCTN/ACurve P- 256 with SHA2- 256Module is in normal statePerforms all required pair-wise consistenc y tests on the newly generated key pairs before the first operational use.
KAS-FFC-SSC Sp800- 56Ar3 PCT (A4595)KAS-FFC-SSC Sp800- 56Ar3 PCT (A4595)PCTPCTN/AMODP- 2048Module is inPerforms all required pair-wise
normal statenormal stateconsistenc y tests on the newly generated key pairs before the first operational use.
RSA KeyGen (FIPS186- 4) PCT (A4595)RSA KeyGen (FIPS186- 4) PCT (A4595)PCTPCTRSA2048 bit modulusModule is in normal statePerforms all required pair-wise consistenc y tests on the newly generated key pairs before the first operational use.
HMAC-SHA2- 512 (A4595)HMAC-SHA2- 512 (A4595)KATSW/FW IntegrityRecommend 60 DaysReboot
AES-CBC encrypt KAT (A4595)AES-CBC encrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-CBC decrypt KAT (A4595)AES-CBC decrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-GCM authenticated encrypt KAT (A4595)AES-GCM authenticated encrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-GCM authenticated decrypt KAT (A4595)AES-GCM authenticated decrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
Counter DRBG Instantiate/Generate/Reseed KAT (A4595)Counter DRBG Instantiate/Generate/Reseed KAT (A4595)KATCASTRecommend 60 DaysReboot

The module performs the following self-tests, including Pre-operational and Conditional selftests. Prior to the module providing any data output via the data output interface, the module performs and passes the pre-operational self-tests. Following the successful pre-operational self-tests, the module executes the Conditional Cryptographic Algorithm Self-tests (CASTs). The self-test success or failure results are an output of the return value of the library load API call, which is functioning as the self-test status indicator. If anyone of the self-tests fails, the module transitions into an error state and outputs the error message via the module’s status output interface. While the module is in the error state, all data through the data output interface and all cryptographic operations are disabled. The error state can only be cleared by reloading the module. All self-tests must be completed successfully before the module transitions to the operational state.

10.2 Conditional Self-Tests

s d s T T T T T SHA2256 SHA2256 T T T N/A © 2021-2026 Cisco Systems, Inc.

Page 41

s d s T N/A T N/A T N/A T N/A SHA2224 T N/A SHA2256 T N/A SHA2384 T N/A SHA2512 T N/A Curve P256 T MODP2048 T N/A T N/A © 2021-2026 Cisco Systems, Inc.

Page 42

s d N/A T SHA2256 SHA2256 N/A T T T SHA2256 SHA2256 MODP2048 © 2021-2026 Cisco Systems, Inc. s N/A N/A N/A N/A

Page 43
Self test
NameAlgorithm Or TestTest MethodTest TypePeriodPeriodic MethodDetailsIndicat orCondition s
normal statenormal stateconsistenc y tests on the newly generated key pairs before the first operational use.
RSA KeyGen (FIPS186- 4) PCT (A4595)RSA KeyGen (FIPS186- 4) PCT (A4595)PCTPCTRSAModule is in normal statePerforms all required pair-wise consistenc y tests on the newly generated key pairs before the first operational use.2048 bit modulus
HMAC-SHA2- 512 (A4595)HMAC-SHA2- 512 (A4595)KATSW/FW IntegrityRecommend 60 DaysReboot
AES-CBC encrypt KAT (A4595)AES-CBC encrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-CBC decrypt KAT (A4595)AES-CBC decrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-GCM authenticated encrypt KAT (A4595)AES-GCM authenticated encrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-GCM authenticated decrypt KAT (A4595)AES-GCM authenticated decrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
Counter DRBG Instantiate/Generate/Reseed KAT (A4595)Counter DRBG Instantiate/Generate/Reseed KAT (A4595)KATCASTRecommend 60 DaysReboot
Self test
NameAlgorithm Or TestTest MethodTest TypePeriodPeriodic MethodDetailsIndicat orCondition s
normal statenormal stateconsistenc y tests on the newly generated key pairs before the first operational use.
RSA KeyGen (FIPS186- 4) PCT (A4595)RSA KeyGen (FIPS186- 4) PCT (A4595)PCTPCTRSAModule is in normal statePerforms all required pair-wise consistenc y tests on the newly generated key pairs before the first operational use.2048 bit modulus
HMAC-SHA2- 512 (A4595)HMAC-SHA2- 512 (A4595)KATSW/FW IntegrityRecommend 60 DaysReboot
AES-CBC encrypt KAT (A4595)AES-CBC encrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-CBC decrypt KAT (A4595)AES-CBC decrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-GCM authenticated encrypt KAT (A4595)AES-GCM authenticated encrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
AES-GCM authenticated decrypt KAT (A4595)AES-GCM authenticated decrypt KAT (A4595)KATCASTRecommend 60 DaysReboot
Counter DRBG Instantiate/Generate/Reseed KAT (A4595)Counter DRBG Instantiate/Generate/Reseed KAT (A4595)KATCASTRecommend 60 DaysReboot
ECDSA SigGen (FIPS186-4) KAT (A4595)ECDSA SigGen (FIPS186-4) KAT (A4595)KATCASTRecommend 60 DaysReboot
ECDSA SigVer (FIPS186-4) KAT (A4595)ECDSA SigVer (FIPS186-4) KAT (A4595)KATCASTRecommend 60 DaysReboot
Entropy Source RCT Start- up Health TestsEntropy Source RCT Start- up Health TestsRCTCASTRecommend 60 DaysReboot
Entropy Source APT Start- up Health TestsEntropy Source APT Start- up Health TestsAPTCASTRecommend 60 DaysReboot
Entropy Source RCT Continuous Health TestsEntropy Source RCT Continuous Health TestsRCTCASTN/AN/A
Entropy Source APT Continuous Health TestsEntropy Source APT Continuous Health TestsAPTCASTN/AN/A
HMAC-SHA-1 KAT (A4595)HMAC-SHA-1 KAT (A4595)KATCASTRecommend 60 DaysReboot
HMAC-SHA2-224 KAT (A4595)HMAC-SHA2-224 KAT (A4595)KATCASTRecommend 60 DaysReboot
HMAC-SHA2-256 KAT (A4595)HMAC-SHA2-256 KAT (A4595)KATCASTRecommend 60 DaysReboot
HMAC-SHA2-384 KAT (A4595)HMAC-SHA2-384 KAT (A4595)KATCASTRecommend 60 DaysReboot
HMAC-SHA2-512 KAT (A4595)HMAC-SHA2-512 KAT (A4595)KATCASTRecommend 60 DaysReboot
KAS-ECC-SSC Sp800- 56Ar3 KAT (A4595)KAS-ECC-SSC Sp800- 56Ar3 KAT (A4595)KATCASTRecommend 60 DaysReboot
KAS-FFC-SSC Sp800- 56Ar3 KAT (A4595)KAS-FFC-SSC Sp800- 56Ar3 KAT (A4595)KATCASTRecommend 60 DaysReboot
KDF SNMP KAT (A4595)KDF SNMP KAT (A4595)KATCASTRecommend 60 DaysReboot
KDF SSH KAT (A4595)KDF SSH KAT (A4595)KATCASTRecommend 60 DaysReboot
RSA SigGen (FIPS186-4) KAT (A4595)RSA SigGen (FIPS186-4) KAT (A4595)KATCASTRecommend 60 DaysReboot
RSA SigVer (FIPS186-4) KAT (A4595)RSA SigVer (FIPS186-4) KAT (A4595)KATCASTRecommend 60 DaysReboot
TLS v1.2 KDF RFC7627 KAT (A4595)TLS v1.2 KDF RFC7627 KAT (A4595)KATCASTRecommend 60 DaysReboot
ECDSA KeyGen (FIPS186- 4) PCT (A4595)ECDSA KeyGen (FIPS186- 4) PCT (A4595)PCTPCTRecommend 60 DaysReboot
KAS-ECC-SSC Sp800- 56Ar3 PCT (A4595)KAS-ECC-SSC Sp800- 56Ar3 PCT (A4595)PCTPCTRecommend 60 DaysReboot
KAS-FFC-SSC Sp800- 56Ar3 PCT (A4595)KAS-FFC-SSC Sp800- 56Ar3 PCT (A4595)PCTPCTRecommend 60 DaysReboot
RSA KeyGen (FIPS186-4) PCT (A4595)RSA KeyGen (FIPS186-4) PCT (A4595)PCTPCTRecommend 60 DaysReboot

s d Table 21: Conditional Self-Tests s

10.3 Periodic Self-Test Information

Table 22: Pre-Operational Periodic Information © 2021-2026 Cisco Systems, Inc.

Page 44

N/A N/A N/A Table 23: Conditional Periodic Information © 2021-2026 Cisco Systems, Inc. N/A

Page 45
Service
NameDescriptionRole AccessIndicator
Error StateIf self-test tests fail, the module is put into an error state.Self-test failureSystem haltReboot the module
ChooseSSHorHTTPS
(Firepower Management Center Configuration Guide provides more detailed
information).

The module performs on-demand self-tests initiated by the operator, by powering off and powering the module back on. The full suite of self-tests is then executed. The same procedure may be employed by the operator to perform periodic self-tests.

10.4 Error States

Table 24: Error States If any of the above-mentioned self-tests fail, the module reports the error and enters the Error state. In the Error State, no cryptographic services are provided, and data output is prohibited. The only method to recover from the error state is to reboot the module and perform the selftests, including the pre-operational integrity test and the conditional CASTs. The module will only enter into the operational state after successfully passing the pre-operational integrity test and the conditional CASTs.

11 Life-Cycle Assurance
11.1 Installation, Initialization, and Startup Procedures

The module meets all the Level 1 requirements for FIPS 140-3. The Crypto Officer must configure and enforce the following initialization steps: Step 1: Log in with the default username admin and the password Admin123. Step 2: The first time you log in to the Module, you are prompted to accept the End User License Agreement (EULA) and to change the admin password. You will be prompted with the CLI setup wizard. Answer the prompts to configure the network settings. Step 3: Use a web browser to navigate to the Modules Firewall Management Center IP address you configured in Step 2. Step 4: Navigate to System > Configuration > Access List (Choose SSH or HTTPS or a combination of these options to specify which ports you want to enable for these IP addresses). Step 5: Navigate to System > Licenses > Smart Licenses, add and verify licenses Install AES SMART license to use AES (for data traffic and SSH). Step 6: Navigate to System > Configuration > UCAPL/CC Compliance, choose “CC” from the drop down; Click on save. © 2021-2026 Cisco Systems, Inc.

Page 46

Step 8: Check the Module’s name, version and approved service status by using the following commands/ procedure: Output the modules name/version: > show version Output the modules approved mode of operation status by navigating to System > Configuration > UCAPL/CC Compliance, and confirming the “CC” option is selected.

11.2 Administrator Guidance

No specific Administrator guidance.

11.3 Non-Administrator Guidance

No specific Non-Administrator guidance.

12 Mitigation of Other Attacks

N/A for this module. © 2021-2026 Cisco Systems, Inc.