فایروال سیسکو سری Firepower 4100

FPR-4110

35G

15.5G

16.5G

8 x SFP+ on-chassis

2 x NM’s: 1/10/40G, FTW

FPR-4112

40G

19G

19G

8 x SFP+ on-chassis

2 x NM’s: 1/10/40G, FTW

FPR-4115

80G

33G

33G

8 x SFP+ on-chassis

2 x NM’s: 1/10/40G, FTW

FPR-4125

80G

45G

45G

8 x SFP+ on-chassis

2 x NM’s: 1/10/40G, FTW

FPR-4145

80G

53G

55G

8 x SFP+ on-chassis

2 x NM’s: 1/10/40G, FTW

Throughput: FW + AVC (1024B)

16.5Gbps

19Gbps

33Gbps

45Gbps

53Gbps

Throughput: FW + AVC + IPS (1024B)

15.5Gbps

19Gbps

33Gbps

45Gbps

53Gbps

Maximum concurrent sessions, with AVC

10million

10million

15million

25million

30million

Maximum new connections per second, with AVC

64K

98K

210K

269K

365K

TLS (Hardware Decryption)

4.5Gbps

4.5Gbps

6.5Gbps

8.5Gbps

10Gbps

Throughput: NGIPS (1024B)

16.5Gbps

19Gbps

33Gbps

45Gbps

55Gbps

IPSec VPN Throughput
(1024B TCP w/Fastpath)

8Gbps

8.5Gbps

12.5Gbps

19Gbps

24Gbps

Maximum VPN Peers

10,000

10,000

15,000

20,000

20,000

Multi-Instance Capable

Yes

Centralized management

Centralized configuration, logging, monitoring, and reporting are performed by the Management Center or alternatively in the cloud with Cisco Defense Orchestrator

Application Visibility and
Control (AVC)

Standard, supporting more than 4000 applications, as well as geolocations, users, and websites

AVC: OpenAppID support for custom, open source, application detectors

Standard

Cisco Security Intelligence

Standard, with IP, URL, and DNS threat intelligence

Cisco Secure IPS License

Available; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence

Cisco Malware Defense for Networks

Available; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco Secure Endpoint is also optionally available

Cisco Malware Analytics sandboxing

Available

URL filtering: number of categories

More than 80

URL filtering: number of URLs categorized

More than 280 million

Automated threat feed and IPS signature updates

Yes: Class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group (https://www.cisco.com/c/en/us/products/security/talos.html)

Third-party and open-source ecosystem

Open API for integrations with third-party products; Snort^® and OpenAppID community resources for new and specific threats

High availability and clustering

Active/active, Active/standby. Cisco Firepower 4100 Series allows clustering of up to 6 chassis

Cisco Trust Anchor Technologies

Firepower 4100 Series platforms include Trust Anchor Technologies for supply chain and software image assurance

Stateful inspection firewall throughput

35Gbps

40Gbps

80Gbps

80Gbps

80Gbps

Stateful inspection firewall throughput (multiprotocol)²

15Gbps

30Gbps

40Gbps

45Gbps

50Gbps

Concurrent firewall connections

10million

10million

15million

25million

40million

Firewall latency (UDP 64B microseconds)

3.5

3.5

3.5

3.5

3.5

New connections per second

150,000

400,000

848K

1.1 million

1.5 million

IPsec VPN throughput (450B UDP L2L test)

8 Gbps

9 Gbps

15 Gbps

19 Gbps

23 Gbps

Maximum VPN Peers

10,000

10,000

15,000

20,000

20,000

Security contexts (included; maximum)

10; 250

10; 250

10; 250

10; 250

10; 250

High availability

Active/active and active/standby

Clustering

Up to 16 appliances

Scalability

VPN Load Balancing, Firewall Clustering

Centralized management

Centralized configuration, logging, monitoring, and reporting are performed by Cisco Security Manager or alternatively in the cloud with Cisco Defense Orchestrator

Adaptive Security Device Manager

Web-based, local management for small-scale deployments