Migrate to Cisco Firepower 2100 Series/NGFW Security Platforms The trending Cisco’s security product in 2018 is Firepower 2100 Series. The Cisco Firepower 2100 Series is a family of four threat-focused NGFW security platforms that deliver business resiliency through superior threat defense. It offers exceptional sustained performance when advanced threat functions are enabled. These platforms uniquely incorporate an innovative dual multicore CPU architecture that optimizes firewall, cryptographic, and threat inspection functions simultaneously. The series’ firewall throughput range addresses use cases from the Internet edge to the data center. Network Equipment Building Standards (NEBS)compliance is supported by the Cisco Firepower 2100 Series platform. Cisco Firepower 2100 Series can be deployed either as a NextGeneration Firewall (NGFW) or as a Next-Generation IPS (NGIPS). They are perfect for the Internet edge and all the way in to the data center. Cisco Firepower NGFW
Four new models are available: 2110, 2120, 2130, and 2140
Migration to Cisco NGFW-Firepower 2100 Series Legacy Firewalls Cisco ASA 5520 Cisco ASA 5520 Cisco ASA 5550
Migration to Cisco NGFW Cisco Firepower 2100 Series Cisco Firepower 2100 Series Cisco Firepower 2100 Series
Performance Specifications and Feature Highlights for Physical and Virtual Appliances with the Cisco Firepower Threat Defense Image Features
Cisco Firepower Model NGFWv
2110
2120
2130
2140
Throughput: FW + 1.2 Gbps AVC
2.0 Gbps
3 Gbps 4.75 Gbps
8.5 Gbps
Throughput: AVC + IPS
2.0 Gbps
3 Gbps 4.75 Gbps
8.5 Gbps
Maximum concurrent 100,000 sessions, with AVC
1 million
1.2 million
2 million 3.0 million
Maximum new connections per second, with AVC
10,000
12,000
16,000
24,000
40,000
IPSec VPN Throughput (1024B TCP w/Fastpath)
-
750 Mbps 1 Gbps
1.5 Gbps
3 Gbps
1500
3500
7500
10000
Yes
Yes
Yes
1.1 Gbps
Maximum VPN Peers Cisco Firepower Device Manager (local management)
Yes (VMware Yes only)
Centralized manage ment
Centralized configuration, logging, monitoring, and reporting are performed by the Management Center or alternatively in the cloud with Cisco Defense Orchestrator
Features
Cisco Firepower Model NGFWv
Application Visibility and Control (AVC)
2110
2120
2130
2140
Standard, supporting more than 4000 applications, as well as geolocations, users, and websites
AVC: OpenAppID Standard support for custom, open source, application detectors Cisco Security Intelligence
Standard, with IP, URL, and DNS threat intelligence
Cisco Firepower NGIPS
Available; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence
Cisco AMP for Networks
Available; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco AMP for Endpoints is also optionally available
Cisco AMP Threat Grid sandboxing
Available
URL Filtering: More than 80 number of categories URL Filtering: number of URLs categorized
More than 280 million
Automated threat feed and IPS signature updates
Yes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group (https://www.cisco.com/c/en/us/products/security/tal os.html)
Features
Cisco Firepower Model NGFWv
2110
2120
2130
2140
Third-party and open-source ecosystem
Open API for integrations with third-party products; SnortÂŽ and OpenAppID community resources for new and specific threats
High availability and clustering
Active/Standby for ESXi and KVM
Active/standby; for Cisco Firepower 9300 intrachassis clustering of up to 5 chassis is allowed; Cisco Firepower 4100 Series allows clustering of up to 6 chassis
VLANs maximum
-
1024
Cisco Trust Anchor Technologies
-
ASA 5506-X, 5508-X, and 5516-X appliances, Firepower 2100 Series and Firepower 4100 Series and 9300 platforms include Trust Anchor Technologies for supply chain and software image assurance. Please see the section below for additional details
Note: Throughput assumes HTTP sessions with an average packet size of 1024 bytes. Performance will vary depending on features activated, and network traffic protocol mix, packet size characteristics and hypervisor employed (NGFWv). Performance is subject to change with new software releases. Consult your Cisco representative for detailed sizing guidance. Learn more: ASA Performance and Capabilities on Firepower 2100 Series Appliances Firepower 2100 Series PIDs The following table lists all of the PIDs associated with the Firepower 2100 series. See the show inventory and show inventory expand commands in the Cisco FXOS Troubleshooting Guide for the Firepower 2100 Series to display a list of the PIDs for your Firepower 2100.
PID
Description
FPR2110-NGFW-K9 Cisco Firepower 2110 NGFW appliance 1 RU FPR2120-NGFW-K9 Cisco Firepower 2120 NGFW appliance 1 RU FPR2130-NGFW-K9 Cisco Firepower 2130 NGFW appliance 1 RU with 1 network module bay FPR2140-NGFW-K9 Cisco Firepower 2140 NGFW appliance 1 RU with 1 network module bay FPR2110-ASA-K9
Cisco Firepower 2110 ASA appliance 1 RU
FPR2120-ASA-K9
Cisco Firepower 2120 ASA appliance 1 RU
FPR2130-ASA-K9
Cisco Firepower 2130 ASA appliance 1 RU with 1 network module bay
FPR2140-ASA-K9
Cisco Firepower 2140 ASA appliance 1 RU with 1 network module bay
FPR2110-K9=
Firepower 2110 appliance 1 RU with no power supply or fan (spare)
FPR2120-K9=
Firepower 2120 appliance 1 RU with no power supply or fan (spare)
FPR2130-K9=
Firepower 2130 appliance with 1 network module bay and no power supply or fan (spare)
FPR2140-K9=
Firepower 2140 appliance with 1 network module bay and no power supply or fan (spare)
FPR2K-PWR-DC350
350W DC power supply
FPR2K-PWR-DC350=
350W DC power supply (spare)
FPR2K-PWR-AC400
400W AC power supply
FPR2K-PWR-AC400=
400W AC power supply (spare)
FPR2K-PSU-BLANK
Power supply blank slot cover
PID
Description
FPR2110-NGFW-K9 Cisco Firepower 2110 NGFW appliance 1 RU FPR2K-PSUBLANK=
Power supply blank slot cover (spare)
FPR2K-SSD100
SSD for Firepower 2110 and 2120
FPR2K-SSD100=
SSD for Firepower 2110 and 2120 (spare)
FPR2K-SSD200
SSD for Firepower 2130 and 2140
FPR2K-SSD200=
SSD for Firepower 2130 and 2140 (spare)
FPR2K-SSD-BBLKD
SSD slot carrier
FPR2K-SSDBBLKD=
SSD slot carrier (spare)
FPR-MSP-SSD
MSP SSD
FPR-MSP-SSD=
MSP SSD (spare)
FPR2K-FAN
Fan tray for the Firepower 2130 and 2140
FPR2K-FAN=
Fan tray for the Firepower 2130 and 2140 (spare)
FPR2K-NM-8X10G
8-port SFP+ network module
FPR2K-NM8X10G=
8- port SFP+ network module (spare)
FPR2K-NM-BLANK
Network module blank slot cover
FPR2K-NMBLANK=
Network module blank slot cover (spare)
FPR2K-CBL-MGMT
Cable management brackets
FPR2K-CBLMGMT=
Cable management brackets (spare)
FPR2K-RM-BRKT=
Rackmount brackets (spare)
FPR2K-SLIDERAILS
Slide rail kit
PID
Description
FPR2110-NGFW-K9 Cisco Firepower 2110 NGFW appliance 1 RU FPR2K-SLIDERAILS=
Slide rail kit (spare)
FPR2K-RAILBRKT=
Slide rail brackets (spare)
See Product IDs for a list of the product IDs (PIDs) associated with the 2100 series. Get the Best Prices on Firepower 2100 Series
More Related Finding the Sweet Spot–Firepower 2100 The New Cisco Firepower 2100 Series How to Deploy the Cisco ASA FirePOWER Services in the Internet Edge, VPN Scenarios and Data Center? The Most Common NGFW Deployment Scenarios