2621XM fips 140-2 compliant ios image

Unanswered Question
Mar 24th, 2010

I need to setup a fips 140-2 compliant tunnel. We have a 2621XM which is on the list of compliant devices. But, the required ios image 12.3(3d) is no lonager available.

Any suggestions on how I could obtain this specific firmware version?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Paolo Bevilacqua Wed, 03/24/2010 - 08:49

First of all is IOS is fully fledged software, not firmware.

Then, I understand the FIPS certification process has provision for which within the legal framework newer version from manufacturer can be used and is certified as well.

Last, not sure the performances you need, but without an hardware module, do not expect much from an old 2921XM really.

bscharber Wed, 03/24/2010 - 09:46

Sorry firmware is the wrong term, I should have used image. My device does have the AIM-VPN/EP card in it.

In section 3.2 of the Security Policy associated with the "2621XM and 2651XM Modular Access Routers with AIM-VPN/EP" it states "IOS version 12.3(3d) is the only allowable image; no other image may be loaded."

I have been searching FIPS 140-2 for something about software upgrades, but have not found anything yet.


This Discussion