Throughput: Firewall (FW) + Application Visibility and Control (AVC) (1024B) |
25Gbps |
---|---|
Throughput: FW + AVC + Intrusion Prevention System (IPS (1024B) |
21Gbps |
Maximum concurrent sessions, with AVC |
30Million |
Maximum new connections per second, with AVC |
130K |
TLS (Hardware Decryption) |
7.5Gbps |
Throughput: NGIPS (1024B) |
30Gbps |
IPSec VPN throughput (1024B TCP w/Fastpath) |
13.5Gbps |
AVC |
Standard, supporting more than 4000 applications, as well as geolocations, users, and |
AVC: OpenAppID support for custom, open-source application detectors |
Standard |
Cisco Security Intelligence |
Standard, with IP, URL, and DNS threat intelligence |
Cisco Firepower NGIPS |
Available; can passively detect endpoints and infrastructure for threat correlation and |
Cisco Advanced Malware Protection (AMP) for Networks |
Available; enables detection, blocking, tracking, analysis, and containment of targeted and |
Cisco AMP Threat Grid sandboxing |
Available |
URL filtering: number of categories |
More than 80 |
URL filtering: number of URLs categorized |
More than 280 Million |
Automated threat feed and IPS signature updates |
Yes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos® group |
Third-party and opensource ecosystem |
Open API for integrations with third-party products; Snort® and OpenAppID community |
High availability and clustering |
Active/standby; up to 6 modules across up to 6 different Firepower 9300 chassis. |
Cisco Trust Anchor Technologies |
Cisco Firepower 9300 Series platforms include Trust Anchor Technologies for supply chain |
Stateful inspection firewall throughput |
75Gbps |
Stateful inspection firewall throughput (multiprotocol) |
50Gbps |
Concurrent firewall connections |
55Million |
Firewall latency (UDP 64B microseconds) |
3.5 |
New connections per second |
800,000 |
IPsec VPN throughput (450B UDP L2L test) |
15Gbps |
Maximum VPN Peers |
20,000 |
Security contexts (included; maximum) |
10;250 |
High availability |
Active/active and active/standby |
Clustering |
Up to 16 security modules across up to 16 different Firepower 9300 chassis |
Scalability |
VPN load balancing, firewall clustering |
Centralized management |
Centralized configuration, logging, monitoring, and reporting are performed by Cisco Security Manager |
Adaptive Security Device Manager |
Web-based, local management for small-scale deployments |