Manuals+

To Whom It May Concern,

July 31, 2025

A compliance review of Unified Communications Manager version 15 SU3 (the product) was completed and found that the Product integrates the following FIPS 140-3 approved cryptographic modules:

  1. Cisco FIPS Object Module 7.3a, cert #4747
  2. BC-FJA (Bouncy Castle FIPS Java API), cert #4743
  3. Linux Kernel FIPS Object Module (KFOM) Cryptographic Module, cert #4744

Cisco confirms that the cryptographic modules listed above provide cryptographic services for the following as applicable:

The review/testing confirmed that:

  1. The cryptographic module (mentioned above) does initialize in a manner that is compliant with its Security Policy.
  2. All applicable cryptographic algorithms used for session establishment are handled within the cryptographic module.
  3. All applicable underlying cryptographic algorithms support each service's key derivation function.

This letter has been generated in accordance with guidance provided by the Cryptographic Module Validation Program (CMVP) (https://csrc.nist.gov/Projects/cryptographic-module-validation-program/validated-modules). In general, a letter will not be generated for subsequent software releases unless a change has been made to the cryptographic module(s) noted in this letter.

The CMVP has not independently reviewed this analysis, testing or the results.

Any questions regarding these statements may be directed via e-mail to the Cisco Global Certification Team (GCT) at certteam@cisco.com.

Sincerely,

Ed Paradise,
SVP Engineering S&TO

Cisco Confidential

PDF preview unavailable. Download the PDF instead.

cucm15su3-internal-fips-compliance-letter Microsoft Word for Microsoft 365 䵩捲潳潦璮⁗潲搠景爠䵩捲潳潦琠㌶㔻潤楦楥搠畳楮朠楔數琠㈮ㄮ㜠批‱吳塔

Related Documents

Preview Cisco Emergency Responder 15 SU3 FIPS 140-3 Compliance Letter
Compliance review letter for Cisco Emergency Responder version 15 SU3, confirming its integration with FIPS 140-3 approved cryptographic modules and detailing supported cryptographic services.
Preview Cisco Instant Message and Presence (IM&P) v15 SU3 FIPS 140-3 Compliance Letter
Official conformance review letter for Cisco Instant Message and Presence (IM&P) version 15 SU3, confirming integration of FIPS 140-3 approved cryptographic modules and their compliance with security policies for TLS services.
Preview Cisco Catalyst SD-WAN FIPS 140-3 Compliance Review
Compliance review letter for Cisco Catalyst SD-WAN (version 20.15) confirming its FIPS 140-3 validated cryptographic module and supported cryptographic services.
Preview Cisco Desk Phone 8875 Series FIPS 140-3 Cryptographic Module Compliance
This document confirms the FIPS 140-3 compliance of the Cisco Desk Phone 8875 series with PhoneOS version 3.5, detailing the approved cryptographic module and its validated services.
Preview Cisco Enterprise NFV Infrastructure v4.18 FIPS 140-3 Compliance Letter
This document confirms the FIPS 140-3 compliance of Cisco Enterprise NFV Infrastructure Version 4.18, detailing its validated cryptographic module and supported security services.
Preview FIPS Compliance Guide for Cisco Unity Connection
This guide details the implementation and management of FIPS compliance for Cisco Unity Connection. It covers essential configurations, certificate regeneration, security protocols, and mode restrictions to ensure secure voice messaging operations.
Preview Cisco Desk Phone 9800 Series FIPS 140-3 Compliance Letter
Official compliance letter confirming the Cisco Desk Phone 9800 series with PhoneOS 3.5 meets FIPS 140-3 standards, referencing Cisco FIPS Object Module 7.3a.
Preview Cisco Secure Web Appliance AsyncOS 15.5 FIPS 140-3 Compliance Review
Compliance review letter confirming Cisco Secure Web Appliance (SWA) running AsyncOS 15.5 meets FIPS 140-3 validation standards for its cryptographic module, supporting TLS v1.2 and SSHv2.