July 31, 2025

Cisco Emergency Responder 15 SU3 FIPS 140-3 Compliance Letter

To Whom It May Concern,

A compliance review of Emergency Responder (CER) version 15 SU3 (“the Product") was completed and found that the Product integrates the following FIPS 140-3 approved cryptographic modules:

Cisco FIPS Object Module 7.3a, cert #4747
BC-FJA (Bouncy Castle FIPS Java API), cert #4743
Linux Kernel FIPS Object Module (KFOM) Cryptographic Module, cert #4744

Cisco confirms that the cryptographic modules listed above provide cryptographic services for the following as applicable:

Certificate Management for Self-Signed Certificate, IKE, Strongswan 5.9 (#4747)
TLS for HTTPs (via Tomcat), Tomcat-based web applications, SOAP AXL interface, TLS for Disaster Recovery System (DRS), Certificate Management (CA Signing), SSH (#4743)
IPSec Control plane (#4744)

Review and Testing Confirmation

The review/testing confirmed that:

The cryptographic module (mentioned above) does initialize in a manner that is compliant with its Security Policy.
All applicable cryptographic algorithms used for session establishment are handled within the cryptographic module.
All applicable underlying cryptographic algorithms support each service's key derivation function.

This letter has been generated in accordance with guidance provided by the Cryptographic Module Validation Program (CMVP). You can find more information at: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/validated-modules.

In general, a letter will not be generated for subsequent software releases unless a change has been made to the cryptographic module(s) noted in this letter.

The CMVP has not independently reviewed this analysis, testing or the results.

Any questions regarding these statements may be directed via e-mail to the Cisco Global Certification Team (GCT) at certteam@cisco.com.

	Cisco Unified Communications Manager 15 SU3 FIPS 140-3 Compliance Letter This letter confirms that Cisco Unified Communications Manager version 15 SU3 integrates FIPS 140-3 approved cryptographic modules, detailing the services they support and the validation process.
	Cisco Desk Phone 8875 Series FIPS 140-3 Cryptographic Module Compliance This document confirms the FIPS 140-3 compliance of the Cisco Desk Phone 8875 series with PhoneOS version 3.5, detailing the approved cryptographic module and its validated services.
	Cisco Catalyst SD-WAN FIPS 140-3 Compliance Review Compliance review letter for Cisco Catalyst SD-WAN (version 20.15) confirming its FIPS 140-3 validated cryptographic module and supported cryptographic services.
	Cisco Instant Message and Presence (IM&P) v15 SU3 FIPS 140-3 Compliance Letter Official conformance review letter for Cisco Instant Message and Presence (IM&P) version 15 SU3, confirming integration of FIPS 140-3 approved cryptographic modules and their compliance with security policies for TLS services.
	Cisco Thousand Eyes FIPS 140-3 Cryptographic Module Compliance Letter Official compliance letter from Cisco confirming that Cisco Thousand Eyes version 2.3 with PhoneOS version 3.5 integrates a FIPS 140-3 approved cryptographic module, detailing its validation and security compliance for TLS.
	Cisco Secure Web Appliance AsyncOS 15.5 FIPS 140-3 Compliance Review Compliance review letter confirming Cisco Secure Web Appliance (SWA) running AsyncOS 15.5 meets FIPS 140-3 validation standards for its cryptographic module, supporting TLS v1.2 and SSHv2.
	Cisco Cyber Vision v5.2 FIPS 140-3 Compliance Letter Official compliance review letter for Cisco Cyber Vision version 5.2, confirming its FIPS 140-3 validated cryptographic module and supported services across various Cisco platforms.
	Cisco Enterprise NFV Infrastructure v4.18 FIPS 140-3 Compliance Letter This document confirms the FIPS 140-3 compliance of Cisco Enterprise NFV Infrastructure Version 4.18, detailing its validated cryptographic module and supported security services.

Review and Testing Confirmation

Related Documents