Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
532
Views
10
Helpful
1
Replies

What is the best current stateful Client VPN platform.

Go to solution
Adrian-PL
Level 1
Level 1

‎04-05-2022 03:12 AM - edited ‎04-05-2022 03:38 AM

Hello experts!

 

I would like to ask you kindly for advice for what is the best current platform that cisco offers that fulfills the below requirements:

- IPSEC throughput is at least 300 Mbps

- Expected End of Vulnerability/Security Support exceeds 2027

- Stateful HA

- Supports integration for u2f keys(I know it's more on the radius part but still it's important)

- Handles at least 50 concurrent users

- VRF Lite support

- Allows for autonomous mode for configuration

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-05-2022 09:52 AM

All Cisco Firepower hardware platforms exceed 300 Mbps IPsec VPN throughput.

Cisco doesn't say when support ends until end of sales is announced. When they do, end of support is typically 5 years out (i.e. April 2027 if something was announced end or sales today).

Stateful HA is supported on all the Firepower hardware.

u2f keys can be used with Firepower-based remote access VPN but, as you noted, it is the backend RADIUS server that handles the MFA bits.

All Cisco Firepower hardware platforms are able to exceed 50 concurrent users.

VRF lite is supported on all Cisco Firepower hardware.

If by autonomous mode you mean configured directly on box, you can do that with Firepower Device manager (FDM). However most customers choose to use the separate Firepower Management Center as it is more full-featured and allows for management of multiple firewalls using common objects and policy elements.

View solution in original post

1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-05-2022 09:52 AM

All Cisco Firepower hardware platforms exceed 300 Mbps IPsec VPN throughput.

Cisco doesn't say when support ends until end of sales is announced. When they do, end of support is typically 5 years out (i.e. April 2027 if something was announced end or sales today).

Stateful HA is supported on all the Firepower hardware.

u2f keys can be used with Firepower-based remote access VPN but, as you noted, it is the backend RADIUS server that handles the MFA bits.

All Cisco Firepower hardware platforms are able to exceed 50 concurrent users.

VRF lite is supported on all Cisco Firepower hardware.

If by autonomous mode you mean configured directly on box, you can do that with Firepower Device manager (FDM). However most customers choose to use the separate Firepower Management Center as it is more full-featured and allows for management of multiple firewalls using common objects and policy elements.

Customers Also Viewed These Support Documents