company
f5
cisco
Hardware Offload SSL/TLS
ECC†: ۲.۱K TPS (ECDSA P-256)
RSA: 2.5K TPS (2K keys)
۵ Gbps bulk encryption
FIPS SSL
N/A
Hardware Compression
N/A
Hardware DDoS Protection
N/A
TurboFlex Performance Profiles
N/A
Software Compression
۳ Gbps
Software Architecture
۶۴-bit TMOS
On-Demand Upgradable
Yes
Virtualization (Maximum Number of vCMP Guests)
N/A
Processor
One 2-Core Intel Pentium processor
(total 4 hyperthreaded logical processor cores)
Memory
۱۶ GB DDR4
Hard Drive
۱x 500 GB Enterprise Class HDD
Gigabit Ethernet CU Ports
Optional SFP
Gigabit Fiber Ports (SFP)
۴ SX or LX (sold separately)
۱۰ Gigabit Fiber Ports (SFP+)
۲ SR/LR (sold separately); optional 10G copper direct attach
۴۰ Gigabit Fiber Ports (QSFP+)
N/A
Power Supply
۱x 250W Platinum AC PSU (Additional PSU optional,
۲x 650W DC PSU Option)
Typical Consumption
۹۵W (single power supply, 110V input)**
Input Voltage
۱۰۰-۲۴۰ VAC +/- 10% auto switching, 50/60hz
Typical Heat Output
۳۲۵ BTU/hour (single power supply, 110V input)**
Dimensions
۱.۷۲” (۴.۳۷ cm) H x 17.4” (۴۴.۲ cm) W x 22.5” (۵۷.۱۵ cm) D
۱U industry standard rack-mount chassis
Weight
۲۰ lbs. (9.07 kg) (single power supply)
Operating Temperature
۳۲°F to 104°F
Operational Relative Humidity
۵% to 85% at 40º C
Safety Agency Approval
ANSI/UL 60950-1-2014
CSA 60950-1-07, including A1:2011+A2:2014
IEC 60950-1:2005; A1:2009+A2:2013
EN 60950-1:2006+A11:2009+A1:2010+A12:2011+A2:2013
Certifications/ Susceptibility Standards
ETSI EN 300 386 V1.6.1 (2012)
EN 55032:2012 Class A; EN 61000-3-2:2014
EN 61000-3-3:2013; EN 55024:2010
FCC Class A (Part 15), IC Class A, VCCI Class A
Throughput: FW + AVC (1024B)
۱۴Gbps
Throughput: FW + AVC + IPS (1024B)
۱۲.۵Gbps
Maximum concurrent sessions, with AVC
۱۰Million
Maximum new connections per second, with AVC
۸۵K
TLS (Hardware Decryption)
۴.۵Gbps
Throughput: NGIPS (1024B)
۱۵Gbps
IPSec VPN Throughput (1024B TCP w/Fastpath)
۶Gbps
Multi-Instance Capable
Yes
Application Visibility and Control (AVC)
Standard, supporting more than 4000 applications, as well as geolocations, users, and websites
AVC: OpenAppID support for custom, open source, application detectors
Standard
Cisco Security Intelligence
Standard, with IP, URL, and DNS threat intelligence
Cisco Firepower NGIPS
Available; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence
Cisco AMP for Networks
Available; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks.
Integrated threat correlation with Cisco AMP for Endpoints is also optionally available
Cisco AMP Threat Grid sandboxing
Available
URL Filtering: number of categories
More than 80
URL Filtering: number of URLs categorized
More than 80 Million
Automated threat feed and IPS signature updates
Yes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group
Third-party and opensource ecosystem
Open API for integrations with third-party products; Snort® and OpenAppID community resources for new and specific threats
High availability and clustering
Active/standby. Cisco Firepower 4100 Series allows clustering of up to 6 chassis
Cisco Trust Anchor Technologies
Firepower 4100 Series platforms include Trust Anchor Technologies for supply chain and software image assurance
Stateful inspection firewall throughput
۴۰Gbps
Stateful inspection firewall throughput (multiprotocol)
۳۰Gbps
Concurrent firewall connections
۱۰Million
Firewall latency (UDP 64B microseconds)
۳.۵
New connections per second
۴۰۰,۰۰۰
IPsec VPN throughput (450B UDP L2L test)
۹Gbps
Maximum VPN Peers
۱۰,۰۰۰
Security contexts (included; maximum)
۱۰; ۲۵۰
High availability
Active/active and active/standby
Clustering
Up to 16 appliances
Scalability
VPN Load Balancing, Firewall Clustering
Centralized management
Centralized configuration, logging, monitoring, and reporting are performed by Cisco Security Manager or alternatively in the cloud with Cisco Defense Orchestrator
Adaptive Security Device Manager
Web-based, local management for small-scale deployments