company
f5
cisco
juniper
Hardware Offload SSL/TLS
ECC†: ۲.۱K TPS (ECDSA P-256)
RSA: 2.5K TPS (2K keys)
۵ Gbps bulk encryption
FIPS SSL
N/A
Hardware Compression
N/A
Hardware DDoS Protection
N/A
TurboFlex Performance Profiles
N/A
Software Compression
۳ Gbps
Software Architecture
۶۴-bit TMOS
On-Demand Upgradable
Yes
Virtualization (Maximum Number of vCMP Guests)
N/A
Processor
One 2-Core Intel Pentium processor
(total 4 hyperthreaded logical processor cores)
Memory
۱۶ GB DDR4
Hard Drive
۱x 500 GB Enterprise Class HDD
Gigabit Ethernet CU Ports
Optional SFP
Gigabit Fiber Ports (SFP)
۴ SX or LX (sold separately)
۱۰ Gigabit Fiber Ports (SFP+)
۲ SR/LR (sold separately); optional 10G copper direct attach
۴۰ Gigabit Fiber Ports (QSFP+)
N/A
Power Supply
۱x 250W Platinum AC PSU (Additional PSU optional,
۲x 650W DC PSU Option)
Typical Consumption
۹۵W (single power supply, 110V input)**
Input Voltage
۱۰۰-۲۴۰ VAC +/- 10% auto switching, 50/60hz
Typical Heat Output
۳۲۵ BTU/hour (single power supply, 110V input)**
Dimensions
۱.۷۲” (۴.۳۷ cm) H x 17.4” (۴۴.۲ cm) W x 22.5” (۵۷.۱۵ cm) D
۱U industry standard rack-mount chassis
Weight
۲۰ lbs. (9.07 kg) (single power supply)
Operating Temperature
۳۲°F to 104°F
Operational Relative Humidity
۵% to 85% at 40º C
Safety Agency Approval
ANSI/UL 60950-1-2014
CSA 60950-1-07, including A1:2011+A2:2014
IEC 60950-1:2005; A1:2009+A2:2013
EN 60950-1:2006+A11:2009+A1:2010+A12:2011+A2:2013
Certifications/ Susceptibility Standards
ETSI EN 300 386 V1.6.1 (2012)
EN 55032:2012 Class A; EN 61000-3-2:2014
EN 61000-3-3:2013; EN 55024:2010
FCC Class A (Part 15), IC Class A, VCCI Class A
Throughput: Firewall (FW) + Application Visibility and Control (AVC) (1024B)
۲۵Gbps
Throughput: FW + AVC + Intrusion Prevention System (IPS (1024B)
۲۱Gbps
Maximum concurrent sessions, with AVC
۳۰Million
Maximum new connections per second, with AVC
۱۳۰K
TLS (Hardware Decryption)
۷.۵Gbps
Throughput: NGIPS (1024B)
۳۰Gbps
IPSec VPN throughput (1024B TCP w/Fastpath)
۱۳.۵Gbps
AVC
Standard, supporting more than 4000 applications, as well as geolocations, users, and
websites
AVC: OpenAppID support for custom, open-source application detectors
Standard
Cisco Security Intelligence
Standard, with IP, URL, and DNS threat intelligence
Cisco Firepower NGIPS
Available; can passively detect endpoints and infrastructure for threat correlation and
Indicators of Compromise (IoC) intelligence
Cisco Advanced Malware Protection (AMP) for Networks
Available; enables detection, blocking, tracking, analysis, and containment of targeted and
persistent malware, addressing the attack continuum both during and after attacks. Integrated
threat correlation with Cisco AMP for Endpoints is also optionally available
Cisco AMP Threat Grid sandboxing
Available
URL filtering: number of categories
More than 80
URL filtering: number of URLs categorized
More than 280 Million
Automated threat feed and IPS signature updates
Yes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos® group
(https://www.cisco.com/c/en/us/products/security/talos.html)
Third-party and opensource ecosystem
Open API for integrations with third-party products; Snort® and OpenAppID community
resources for new and specific threats
High availability and clustering
Active/standby; up to 6 modules across up to 6 different Firepower 9300 chassis.
Cisco Trust Anchor Technologies
Cisco Firepower 9300 Series platforms include Trust Anchor Technologies for supply chain
and software image assurance.
Stateful inspection firewall throughput
۷۵Gbps
Stateful inspection firewall throughput (multiprotocol)
۵۰Gbps
Concurrent firewall connections
۵۵Million
Firewall latency (UDP 64B microseconds)
۳.۵
New connections per second
۸۰۰,۰۰۰
IPsec VPN throughput (450B UDP L2L test)
۱۵Gbps
Maximum VPN Peers
۲۰,۰۰۰
Security contexts (included; maximum)
۱۰;۲۵۰
High availability
Active/active and active/standby
Clustering
Up to 16 security modules across up to 16 different Firepower 9300 chassis
Scalability
VPN load balancing, firewall clustering
Centralized management
Centralized configuration, logging, monitoring, and reporting are performed by Cisco Security Manager
or alternatively in the cloud with Cisco Defense Orchestrator
Adaptive Security Device Manager
Web-based, local management for small-scale deployments