Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2442
Views
15
Helpful
8
Replies

Throughput

elite2010
Level 3
Level 3

‎06-24-2019 11:20 PM - edited ‎02-21-2020 09:14 AM

Hi,

How the ips ,ngfw and threat protection throughput related to Firewall throughput 

And what is the  difference between the   ips ,ngfw and threat protection throughput

Thanks

0 Helpful
8 Replies 8

balaji.bandi
Hall of Fame
Hall of Fame

‎06-25-2019 12:21 AM

Depends on Design and network.

 

here is the information cisco point of view. :

 

https://www.cisco.com/c/dam/m/sl_si/events/2017/cisco-connect/pdf/ConnectSLO_Cisco-Next-Generation-Firewall-and-IPS.pdf

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

elite2010
Level 3
Level 3
In response to balaji.bandi

‎06-25-2019 12:35 AM

Hi,

Depends on Design and network.

Can you give an example .?

In normal case how these throughput  influence each other 

Thanks

 

 

0 Helpful

elite2010
Level 3
Level 3
In response to balaji.bandi

‎06-25-2019 10:34 PM

Hi,

Firewall Throughput (ASA) is 3 gbps and FW + AVC  throughput is1750 Mbps .

Does it mean it reduces th throughput if we enable FW+AVC 

Thanks

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to elite2010

‎06-25-2019 11:06 PM

Yes, enabling more features generally requires the appliance to do more work (consume CPU etc.) thus it slows down.

Imagine you can run a distance at whatever speed. Now imagine running the same distance carrying a heavy load. your speed will be slower.

Only on some of the newest appliances (i.e. Firepower 4100 and 9300 series) does speed remain close to uniform despite turning on additional features. That is because they have purpose built hardware (custom ASICs, network interface cards etc.) that is designed to offload those features which might otherwise be done with additional software processing and a general purpose CPU.

elite2010
Level 3
Level 3
In response to Marvin Rhoads

‎06-25-2019 11:37 PM

Hi,

If I am buying a ASA5545 With FTD image , which datasheet I shoud refer ?

https://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/datasheet-c78-733916.html

 

https://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/datasheet-c78-733916.html

 

Why cisco says just IPS  in some datasheets and some place says . NGIPS

what is the differnece between IPS and NGIPS

?

Thanks

 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to elite2010

‎06-26-2019 12:45 AM

Yes you add more advance features, the performance go down - since it required to process all the rules and intercept the traffic.

 

To be honestly - bewcuase organically grown this documents, Cisco have many cosmotic errors in the documentation

 

5545-X  with FTD you can use ( if you buying new Device) suggest to go with firepower appliance directly rather ASA

like 2100/4XXX /9XXX  depends on requirement.

 

Again all the models not going to support FTD check version and model before buying ASA.

 

IPS is traditional Cisco one

NGIPS - is the next generation IPS with Firrepower

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

elite2010
Level 3
Level 3
In response to balaji.bandi

‎07-01-2019 12:37 AM

Hi,

you said "5545-X  with FTD you can use ( if you buying new Device) suggest to go with firepower appliance directly rather ASA"

 

You recommending asa 5545-x  FTD  or firepower appliances?

If firepower appliance which one you suggest ? 

 

Thanks

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to elite2010

‎07-01-2019 08:08 AM

Firepower Diretion 2100 / 4100 (for medium) - to replace 5545X

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card