2621XM fips 140-2 compliant ios image

Unanswered Question
Mar 24th, 2010
User Badges:

I need to setup a fips 140-2 compliant tunnel. We have a 2621XM which is on the list of compliant devices. But, the required ios image 12.3(3d) is no lonager available.


Any suggestions on how I could obtain this specific firmware version?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
paolo bevilacqua Wed, 03/24/2010 - 08:49
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

First of all is IOS is fully fledged software, not firmware.

Then, I understand the FIPS certification process has provision for which within the legal framework newer version from manufacturer can be used and is certified as well.

Last, not sure the performances you need, but without an hardware module, do not expect much from an old 2921XM really.

bscharber Wed, 03/24/2010 - 09:46
User Badges:

Sorry firmware is the wrong term, I should have used image. My device does have the AIM-VPN/EP card in it.


In section 3.2 of the Security Policy associated with the "2621XM and 2651XM Modular Access Routers with AIM-VPN/EP" it states "IOS version 12.3(3d) is the only allowable image; no other image may be loaded."


I have been searching FIPS 140-2 for something about software upgrades, but have not found anything yet.

paolo bevilacqua Wed, 03/24/2010 - 16:52
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Then my understanding of FIPS provisions is wrong, sorry for the confusion.

Actions

This Discussion