cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6212
Views
13
Helpful
15
Comments
hcaldwel
Cisco Employee
Cisco Employee

banner ngfw.PNG

What Cisco Security announced ...

Introducing Cisco Firepower 2100 Series Next-Generation Firewall.  With threats like ransomware, when you’re breached, your network’s not ‘up’. Cisco Firepower 2100 Series NGFWs deliver business resiliency through superior threat defense. When advanced threat functions are enabled, Firepower NGFW sustains throughput performance versus competing designs. Cisco also improves IT efficiency with simplified management. Keep your network optimized, and data safe, with Firepower.

Visit the Firepower 2100 series page for more information, read the press release, and read on for details.

More insights:

Read Dave Stuart's insights on the Cisco Firepower 2100 Series

David Ulevitch and Jason Lamar intro the new NGFWs:

* Register for the March 1, NGFW briefing to hear Dave Stuart and team provide details and demos

NGFW blog.PNGFirepower 2100 Stacked Straight.png

* Registration for the Security Customer Connection Program is required.  Registration is quick and easy to complete.  After that, make your way to the Security track and you'll find this webinar and all upcoming offerings.

We know you have questions

Let's start a conversation! Simply reply to this post or start a new discussion. Your peers and Cisco product teams would be interested in hearing what you think and what questions you have on our recent announcements or anything Cisco Security related.

Comments
Gallifrean
Level 7
Level 7

interested in a comparison between the NGFW 2100 and the NGFW ASA 5500 series.

Is it that the 2100 has a superior throughput due to its quad core and separation of lower level OSI layers and upper level layers?

carbaker
Cisco Employee
Cisco Employee
Gallifrean
Level 7
Level 7

Thanks Caroline that made it a lot clearer,

              so it appears that the 2100 & 4100 are higher end NGFW

with significantly higher throughput.

jolaughl
Level 1
Level 1

Peter, the "superior" throughput you mention - if you mean in comparison to the ASA 5500-X Series - is actually built in to the design.  But if you mean how it sustains that same throughput once the IPS function is activated - that is due to the dual multi-core CPU architecture you cite.

jolaughl
Level 1
Level 1

Don't forget about the Firepower 9300 as well.  It should be noted that all three sets are also able to run as a Firepower NGIPS (Next-generation IPS).

Gallifrean
Level 7
Level 7

Thanks Joseph

I had read about the split processing of the 2100 series. Seems a very sensible thing to do. Examine & filter out the lower level "packets" before examining higher level data.

I suppose if you had a spare $20,000 or so to give me I could get a 9300.

jolaughl
Level 1
Level 1

I will check my sofa cushions, Peter.

mlouis
Level 1
Level 1

Why do we not see performance numbers with AMP enabled or SSL enabled? I can see that we have the same throughput with NGIPS and AVC. However, how do we size for other combinations of features like AMP, URL Filtering, or SSL decrypt? Will that information be coming out soon?

jolaughl
Level 1
Level 1

Engineering is still testing AMP and SSL decryption performance (availability of the 2100s is still scheduled for the end of April) and they will be incorporated into our Performance Estimator tool when completed.

juanfigueredo
Level 1
Level 1

The Cisco Firepower Malware Storage Pack, SSD (FPR-MSP-SSD) is mandatory for AMP Service?

Dennis Perto
Level 5
Level 5

It is not mandatory. It is an extra storage pack for malware (or unknown files) caught on the wires.

juanfigueredo
Level 1
Level 1

Thanks

inderdeeps
Level 4
Level 4

Well Cisco Firepower is amazing product now. You can have two different models with the various licensing models in Cisco 2100 series firewall. One model is Cisco Firepower with ASA image where you can have the same capabilities of ASA CLI model and the other Cisco model is Cisco Firepower with NGFW image. 

 

http://www.routexp.com/2017/09/cisco-next-generation-firewalls-cisco.html

nicolasr76
Level 1
Level 1

Would be nice to have the Visio Stencils made for the Cisco Firepower 2100 series.

 

Thank you

Nicolas Rolland

Ottawa, ON

jwc4521
Level 1
Level 1

I would like to use my ASA 5525-X startup-configuration to configure my new firepower 2120. Is there an "offline" way to migrate the ASA 5525-X startup-config file to FTD using the Firepower Migration Tool without having to connect the 2120 NGFW to the internet?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: