Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
865
Views
5
Helpful
8
Replies

Clarity on specifications of CIsco Firewalls

Security12
Level 1
Level 1

‎12-12-2023 11:57 PM

Hi How do i know/ calculate threat protection throughput of Cisco firewall 4215?

https://www.cisco.com/c/en/us/products/collateral/security/firewalls/secure-firewall-4200-ds.html

 

Please suggest if "throughput: FW + AVC + IPS" is considered as threat protection throughput, i double malware protection throughput is not included in this calculation and as per my understanding, Malware protection throughput must be part of this?

 

please suggest

 

Labels:
0 Helpful
8 Replies 8

M02@rt37
VIP
VIP

‎12-13-2023 12:17 AM

Hello @Security12 

The "throughput: FW + AVC + IPS" value generally represents the combined performance when all these security features (firewall, AVC, and IPS) are active simultaneously. However, it's important to note that this value may not include every security feature available on the firewall.

For a comprehensive threat protection calculation, you would ideally want to consider the combined throughput of all relevant security services, including firewall, AVC, IPS, and malware protection. Malware protection typically involves additional processing for tasks such as file inspection, sandboxing, and antivirus scanning.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Security12
Level 1
Level 1
In response to M02@rt37

‎12-13-2023 12:22 AM

thank you i understand this. However, i dont see any exclusively written throughput for malware protection so i am able to add all services throughput and come up with a certain throughput for threat protection.

 

if you see competitors, most of them exactly mentioned xyz throughput as their threat protection throughput. how do i know this in case of Cisco?

regards

 

0 Helpful

M02@rt37
VIP
VIP
In response to Security12

‎12-13-2023 12:50 AM

@Security12 

You could still estimate the overall threat protection throughput by combining the throughputs of individual services, such as firewall, AVC, and IPS. While this won't provide a dedicated malware protection throughput figure, it can give you an idea of the firewall's overall performance when multiple security services are active.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

MHM Cisco World
VIP
VIP

‎12-13-2023 12:22 AM

There is no exact algorithm to calculate throughput with multi op. FW have' but the happy news you can add throughput later if you reach high limit.

MHM

Security12
Level 1
Level 1
In response to MHM Cisco World

‎12-13-2023 12:26 AM

for sake of procurement, how would i ask a certain threat protection throughput for a Cisco Firewall? say Cisco 4215?

One more thing, TLS hardware decryption throughput can be regarded same as SSL inspection throughput?

Security12
Level 1
Level 1
In response to MHM Cisco World

‎12-13-2023 12:42 AM

i heard 4100 is now discontinued so i am considering 4200 series.

https://www.cisco.com/c/en/us/products/collateral/security/firewalls/secure-firewall-4200-ds.html
these data sheets are in consideration

however, i want to know threat protection throughput of 4200 series firewalls (4215,4225,4245)
also, i want clarity if SSL inspection throughput can be regarded same as TLS HW encryption? 

i am working on a procurement document

0 Helpful

Rob Ingram
VIP
VIP

‎12-13-2023 01:02 AM

@Security12 you should work with your Cisco partner who will have access to the Cisco NGFW performance estimator tool (there is no general access to the public). This tool will more accurately determine the performance of the model of device with the different  features (FW, AVC, IPS, SSL, NAT, encryption etc) enabled.

Customers Also Viewed These Support Documents