Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
649
Views
3
Helpful
7
Replies

firepower sizing

ERIsci
Level 1
Level 1

ā€Ž01-28-2025 05:14 AM

I need to know how I can make sizing to firepower

we already have this module FTD 4110, but we think it's not suitable for our environment  

7 Replies 7

MHM Cisco World
VIP
VIP

ā€Ž01-28-2025 05:17 AM - edited ā€Ž01-28-2025 05:17 AM

contact cisco sales engineer they can help you to decided if FPR 4K ok or you need to go to 9K 

MHM

0 Helpful

Rob Ingram
VIP
VIP

ā€Ž01-28-2025 05:27 AM

@ERIsci can you be more specific. What are your requirements? What is the expected Firewall, IPS throughput? What additional features do you need - IPS, URL filtering, SSL decryption, VPN etc? The more features you enable the less performance, so you'd need to scale for this.

When you know what licensed features you will require your Cisco partner or Cisco account manager can use the NGFW performance estimator tool to identify which hardware will meet your needs.

If the 4100 hardware does not meet your needs, the recently released 4200 hardware has great performance in a 1U chassis (mostly comparable to the 9300 series) or alternatively the 9300, but that hardware is long in the tooth now.

A very basic comparision of the 4200 vs 9300 can be found in the datasheets, note the performance.

https://www.cisco.com/site/us/en/products/security/firewalls/secure-firewall-4200-series/index.html

https://www.cisco.com/site/us/en/products/security/firewalls/firepower-9300-series/index.html

 

ERIsci
Level 1
Level 1

ā€Ž01-28-2025 05:41 AM

can I make any analysis on the current FW to define a number of sessions for example

I reach analysis > active sessions > but gave me sessions from 2021, also I search with the user name but give me anonymous results 

when I reach to analysis > connection event, it gives me million session, is it the target I can count on 

0 Helpful

Aref Alsouqi
VIP
VIP

ā€Ž01-28-2025 05:42 AM

In addition to what @Rob Ingram mentioned, could you please share what limitations/issues you guys are experiencing with the 4110?

ERIsci
Level 1
Level 1

ā€Ž01-28-2025 05:54 AM

no Aref we think that the current one SPECS exceeds our needs 

0 Helpful

Aref Alsouqi
VIP
VIP
In response to ERIsci

ā€Ž01-28-2025 07:05 AM

Thanks for clarifying this.

How many users do you have in your environment?

Does the firewall do inter-VLAN routing and inspection?

What type of traffic you guys usually have in both inbound and outbound directions? is it just a normal office work or do you guys have any files transfer or streaming?

Do you have any site-to-site VPNs? if so, how many tunnels? and what type of traffic is flowing over the VPN tunnels?

Do you have remote access VPN configured? if so, how many users could connect?

What security inspections do you guys apply to the passing through traffic? URL filtering? IPS? or is it just L3/L4 inspection?

0 Helpful

Sheraz.Salim
VIP Alumni
VIP Alumni
In response to ERIsci

ā€Ž01-28-2025 07:58 AM

To add to my question, do you plan to use the firewall in its native form, or does the multi-instance setup not meet with (cpu/ram etc) your requirements? The FTD 4110 is a powerful firewall, classified as an enterprise-grade solution suitable for large-scale business needs.

please do not forget to rate.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card