background image
2
Cisco 1721 and Cisco 1760 Modular Access Routers with MOD1700-VPN FIPS 140-2 Non-Proprietary Security Policy
78-16315-01
The Cisco 1721/1760 Cryptographic Module
References
This document deals only with operations and capabilities of the 1721 and 1760 routers in the technical
terms of a FIPS 140-2 cryptographic module security policy. More information is available on the 1721
and 1760 routers and the entire 1700 Series from the following sources:
·
The Cisco Systems website contains information on the full line of products at www.cisco.com. The
1700 Series product descriptions can be found at:
http://www.cisco.com/en/US/products/hw/routers/ps221/index.html
·
For answers to technical or sales related questions please refer to the contacts listed on the Cisco
Systems website at www.cisco.com.
·
The NIST Validated Modules website (http://csrc.nist.gov/cryptval) contains contact information
for answers to technical or sales-related questions for the module
Terminology
In this document, the Cisco 1721 and 1760 routers are referred to as the routers, the modules, or the
systems.
Document Organization
The Security Policy document is part of the FIPS 140-2 Submission Package. In addition to this
document, the Submission Package contains:
·
Vendor Evidence document
·
Finite State Machine
·
Module Software Listing
·
Other supporting documentation as additional references
This document provides an overview of the 1721 and 1760 routers and explains the secure configuration
and operation of the modules. This introduction section is followed by the section "The Cisco 1721/1760
Cryptographic Module", which details the general features and functionality of the 1721 and 1760
routers. The section "Secure Operation of the Cisco 1721/1760 Router" specifically addresses the
required configuration for the FIPS-mode of operation.
With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation Submission
Documentation is Cisco-proprietary and is releasable only under appropriate non-disclosure agreements.
For access to these documents, please contact Cisco Systems.
The Cisco 1721/1760 Cryptographic Module
Branch office networking requirements are dramatically evolving, driven by web and e-commerce
applications to enhance productivity and merging the voice and data infrastructure to reduce costs. The
Cisco 1721 and 1760 routers offer versatility, integration, and security to branch offices. With numerous
WAN Interface Cards (WICs) and Voice Interface Cards (VICs) available, the modular architecture of
the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Cisco