Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1616
Views
7
Helpful
8
Replies

Cisco Firepower 3100 vs 4100

johnlloyd_13
Level 9
Level 9

‎05-24-2024 06:59 AM

hi,

we're planning to do a HW refresh on our ASA 5545-x and 5555-x before EoL next year 2025.

we're going to run ASA code on the FPR boxes. my question is, do we go with 31xx or 41xx series?

aside from their performance in the data sheet, what are the pros and cons between these two model/series?

was thinking of replacing 5545-x with 31xx and 5555-x with 41xx? is this a good rule of thumb/estimate?

 

0 Helpful
8 Replies 8

MHM Cisco World
VIP
VIP

‎05-24-2024 07:06 AM - edited ‎05-25-2024 12:11 PM

Thanks 

MHM

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-24-2024 07:14 AM

The 4100 series was first released in 2016. The 3100 series in 2022.So expect the 4100 series to be deprecated sooner (in favor of 4200 series).

Everything in the 3100 series offers more performance than anything from the 5500 series.

johnlloyd_13
Level 9
Level 9
In response to Marvin Rhoads

‎05-24-2024 04:55 PM - edited ‎05-24-2024 04:55 PM

hi marvin,

thanks for the heads up on 4200! i just checked its data sheet:

https://www.cisco.com/c/en/us/products/collateral/security/firewalls/secure-firewall-4200-ds.html

was there or did you see an announcement for 4100 EoS?

so do you recommend getting a cisco secure FW 3100 or 4200? how about price wise?

 

0 Helpful

Rob Ingram
VIP
VIP

‎05-24-2024 07:42 AM

@johnlloyd_13 I agree with @Marvin Rhoads the Firepower 3100 hardware should suffice to replace your ASA hardware. Running ASA software is fine, Cisco confirmed the ASA software is still in demand by customers and still being developed with new features.

Also, correction to a previous comment, not that you require it, but the Firepower 3100 does support Multi Instance if running FTD software https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/device-ops-multi-instance.html

 

Marius Gunnerud
VIP
VIP

‎05-24-2024 03:33 PM

I also vote for 3100 series. One advantage is that  the FXOS upgrade is integrated with the software upgrade on the 3100, unlike the 4100 where you would need to do 2 upgrades, first the FXOS and then the FTD.

Also, as @Marvin Rhoads has mentioned, the 4100 series is an older series, though I do believe that the 4112, 4115, 4125, and 4145 will be around for some years to come, they will go EOL before the 3100 series.

--
Please remember to select a correct answer and rate helpful posts

johnlloyd_13
Level 9
Level 9

‎05-24-2024 04:57 PM

hi marius,

i did read about the upgrade process for the 4100 series.

does this mean i upgrade the 4100 ASA code via FXOS? similar to 2100 platform mode?

0 Helpful

Marius Gunnerud
VIP
VIP
In response to johnlloyd_13

‎05-24-2024 11:40 PM

Since the FTD and FXOS in the 4100 series are separate you will still need to do two upgrades (depending on if the FXOS version you are running supports the ASA version you are upgrading to).  So each time you do an upgrade you would need to be mindful of the compatibility matrix so that you are running an FXOS version that will support the ASA version you are upgrading to.

the 1000, 2000, and 3100 only one upgrade is needed since the FXOS upgrade is integrated with the FTD / ASA software upgrade.

--
Please remember to select a correct answer and rate helpful posts
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card