Certificate 2090 - Cisco ASR 1001 [1][K1], ASR 1002 [2][K2][E1 or E2], ASR1002-X [3][K2], ASR 1004 [4][K3][R1 or R2][E2, E3 or E4], ASR 1006 [5][K4][single or dual E2, E3, E4 or E5][dual R1 or R2] and ASR 1013 [6][K5][E4 or E5][R2]
intCertNum 2090
strVendorName Cisco Systems, Inc.
strURL http://www.cisco.com
strAddress1 170 West Tasman Dr.
strAddress2
strAddress3
strCity San Jose
strStateProv CA
strPostalCode 95134
strCountry 95134
strContact Global Certification Team
strEmail certteam@cisco.com
strPhone
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 2090
strModuleName Cisco ASR 1001 [1][K1], ASR 1002 [2][K2][E1 or E2], ASR1002-X [3][K2], ASR 1004 [4][K3][R1 or R2][E2, E3 or E4], ASR 1006 [5][K4][single or dual E2, E3, E4 or E5][dual R1 or R2] and ASR 1013 [6][K5][E4 or E5][R2]
strPartNumber Hardware Versions: ASR1001 [1], ASR1002 [2], ASR1002-X [3], ASR1004 [4], ASR1006 [5] and ASR1013 [6];
FIPS KITs: ASR1001-FIPS-Kit [K1], ASR1002- FIPS-Kit [K2], ASR1004-FIPS-Kit [K3], ASR1006-FIPS-Kit [K4] and ASR1013-FIPS-Kit [K5];
Embedded Services Processors: ASR1000-ESP5 [E1], ASR1000-ESP10 [E2], ASR1000-ESP20 [E3], ASR1000-ESP40 [E4] and ASR1000-ESP100 [E5];
Route Processors: ASR-1000-RP1 [R1] and ASR-1000-RP2 [R2];
Firmware Version: 3.7.2tS
memModuleNotes When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Hardware
strValidationDate 02/26/2014
intOverallLevel 2
memIndividualLevelNotes -Roles, Services, and Authentication: Level 3;-Design Assurance: Level 3;-Mitigation of Other Attacks: N/A
strFIPSAlgorithms AES (Certs. #333, #2346 and #2549);
DRBG (Cert. #382);
HMAC (Certs. #137, #1455 and #1570);
RNG (Certs. #154 and #1170);
RSA (Cert. #1304);
SHS (Certs. #408, #2023 and #2150);
Triple-DES (Certs. #397, #1469 and #1543)
strOtherAlgorithms DES;
Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
HMAC-MD5;
IKE KDF;
MD5;
RC4;
RSA (key wrapping;
key establishment methodology provides 112 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
SHA-1 (non-compliant);
SNMPv3 KDF;
SSH KDF;
TLS KDF
strConfiguration Multi-chip standalone
memModuleDescription The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.
intModuleCount 1
memAdditionalNotes
strFirstValidtionDate 02/26/14 00:00:00
strLabName Leidos
strValidationYear 2014