Cisco Instant Message and Presence (IM&P) v15 SU3 FIPS 140-3 Compliance Letter

Date: July 31, 2025

To Whom It May Concern,

A conformance review of Cisco Instant Message and Presence (IM&P) version 15 SU3 ("the Product") was completed and found that the Product integrates the following FIPS 140-3 approved cryptographic modules:

Cisco FIPS Object Module (version 7.3a), cert #4747

Cisco confirms that the cryptographic module listed above provides cryptographic services for the following as applicable:

TLS for XCP (XMPP), TLS for SIP Proxy and HTTPS (TLS)(#4747)

The review/testing confirmed that:

The cryptographic module (mentioned above) does initialize in a manner that is compliant with its Security Policy.
All applicable cryptographic algorithms used for session establishment are handled within the cryptographic module.
All applicable underlying cryptographic algorithms support each service's key derivation function.

This letter has been generated in accordance with guidance provided by the Cryptographic Module Validation Program (CMVP) (https://csrc.nist.gov/Projects/cryptographic-module-validation-program/validated-modules).

In general, a letter will not be generated for subsequent software releases unless a change has been made to the cryptographic module(s) noted in this letter.

The CMVP has not independently reviewed this analysis, testing or the results.

Any questions regarding these statements may be directed via e-mail to the Cisco Global Certification Team (GCT) at certteam@cisco.com.

Thank you,

Edward D Paradise
VP Engineering
Cisco S&TO

	Cisco Desk Phone 8875 Series FIPS 140-3 Cryptographic Module Compliance This document confirms the FIPS 140-3 compliance of the Cisco Desk Phone 8875 series with PhoneOS version 3.5, detailing the approved cryptographic module and its validated services.
	Cisco Unified Communications Manager 15 SU3 FIPS 140-3 Compliance Letter This letter confirms that Cisco Unified Communications Manager version 15 SU3 integrates FIPS 140-3 approved cryptographic modules, detailing the services they support and the validation process.
	Cisco Catalyst SD-WAN FIPS 140-3 Compliance Review Compliance review letter for Cisco Catalyst SD-WAN (version 20.15) confirming its FIPS 140-3 validated cryptographic module and supported cryptographic services.
	Cisco Thousand Eyes FIPS 140-3 Cryptographic Module Compliance Letter Official compliance letter from Cisco confirming that Cisco Thousand Eyes version 2.3 with PhoneOS version 3.5 integrates a FIPS 140-3 approved cryptographic module, detailing its validation and security compliance for TLS.
	Cisco Desk Phone 9800 Series FIPS 140-3 Compliance Letter Official compliance letter confirming the Cisco Desk Phone 9800 series with PhoneOS 3.5 meets FIPS 140-3 standards, referencing Cisco FIPS Object Module 7.3a.
	Cisco Secure Web Appliance AsyncOS 15.5 FIPS 140-3 Compliance Review Compliance review letter confirming Cisco Secure Web Appliance (SWA) running AsyncOS 15.5 meets FIPS 140-3 validation standards for its cryptographic module, supporting TLS v1.2 and SSHv2.
	Cisco Enterprise NFV Infrastructure v4.18 FIPS 140-3 Compliance Letter This document confirms the FIPS 140-3 compliance of Cisco Enterprise NFV Infrastructure Version 4.18, detailing its validated cryptographic module and supported security services.
	Cisco Cyber Vision v5.2 FIPS 140-3 Compliance Letter Official compliance review letter for Cisco Cyber Vision version 5.2, confirming its FIPS 140-3 validated cryptographic module and supported services across various Cisco platforms.

Related Documents