Are there any 3rd party test results for throughput on the 4100 series?

4120 vs. 9300 Security Module 24 - Enterprise

Stateful inspection firewall throughput: 40Gbps vs. 75 Gbps

Concurrent firewall connections: 15 million vs. 55 million

IPSEC VPN throughput: 10 Gbps vs. 15Gbps

4140 vs. 9300 Security Module 36 - Extreme

Stateful inspection firewall throughput: 60Gbps vs. 80 Gbps

Concurrent firewall connections: 25 million vs. 60 million

IPSEC VPN throughput: 14 Gbps vs. 18Gbps

# of Cores, etc. is the same between the two 4100 and 9300 Boxes, why such big differences in performance?

Thanks for the explanation.

Looking at your numbers I figure that you are comparing ASA software specs.

I guess that the only substantial difference is the amount of RAM, so Cisco must have made some improvements in the usage of memory.

If you look at Firepower instead you go from 5Gbit in a 4120 to 6Gbit in a SM24.

Hi Dennis,

thanks for your reply. But does it matter if i compare ASA Images or FTD Images, Stateful firewall throughput or Sizing Throughput (AVC+IPS)? (As long as i compare the same throughput values.)

Cisco: "Same hardware and software architecture as 9300"  ...same RAM, same CPU, same Core-#...

The differences in throughput are huge in my opinion.

regards

Wladimir

I Agree with you, it is a huge difference, but only with the ASA software.

Think of it it this way. You have two raspberry PI. The one with double the amount of RAM.

You installed Nginx on both. Which one can handle the most concurrent connections?

And Apache is like Firepower. You get less out of the ekstra RAM.

Remember that it is two completely different operating systems.

Keep in mind that in this case Apache will have to serve websites, while Nginx only is looking at the senders IP address to filter and proxy. Two different use cases as well.

Dennis - probably just a difference in language for spelling but if not then can you please fix "Firepower Threat Defence" under the Applications sections for the FP4100 and FP9300 so it is spelled "Defense".

Great work on getting all this information together for the FTD community.

I will work on getting the management process for the FP9300 supervisor for your collection here.

Cheers,

Christopher

It is done. Thank you for telling me.
Apparently I keep switching those letters around. Silly me.

That would be great as it is the only piece of information I cannot see anywhere. Not even on the firepowerngfw.com site.

Thanks Dennis for the typo corrections.

Also a BIG “THANK YOU” for the link to the firepowerngfw.com website. I work for Cisco and did not even know about that website.

I have already added the link to a presentation I have to give in the AM.

Thanks again!

Christopher M. Heffner, CCIE #8211, CCSI #98760, CICSS

Technical Solutions Architect

GET Security

Cisco Systems

“ISE Champion”

https://new-webex.webex.com/meet/chheffne

--

Hi Christopher

Please keep in mind that the SSDs shown on that website is all 120GB. This can not be true as the FP4100 is not sold with less than 400GB SSDs.
The same for 5506, 5508 and 5516.

And is is just me, or did they switch the labels for the Cavium and the CPU?

I will have to check into the labels on the website and see if they are incorrect about getting them fixed.

I have to figure out “who” the owner of the website content is FIRST!

Cheers,

Christopher

Did you load the kickstart image?

Thanks for your reply.

Yes, I load the kickstart image but after that it will goes me to Firepower CLI mode FP4120#.

Can you provide me the step by step reseting document or any other option for reseting it.?

Thanks

Qamar