Cisco Firepower 4100 License

  • Technical Support
  • Last updated on: 07 Jan 2020

Click Here for Ordering guide of Cisco Firepower 4100 License

Cisco Firepower 4100 Series appliances

The Cisco Firepower 4100 Series is a family of seven threat-focused NGFW security platforms. Their throughput range addresses data center and internet edge use cases. They deliver superior threat defense, at faster speeds, with a smaller footprint. Cisco Firepower 4100 Series supports flow-offloading, programmatic orchestration, and the management of security services with RESTful APIs. Network Equipment Building Standards (NEBS)-compliance is supported by the Cisco Firepower 4120 platform. The 4100 Series platforms can run either the Cisco ASA Firewall or Cisco Firepower Threat Defense (FTD) software.

Model overview

Cisco Firepower 4100 License

Cisco Firepower 4100 Series summary:

Cisco Firepower 4100 Series summary

ModelFirewallNGFWNGIPSInterfacesOptional Interfaces
FPR-411035G11G15G8 x SFP+ on-chassis2 x NM’s: 1/10/40G, FTW
FPR-4115(New)80G26G27G8 x SFP+ on-chassis2 x NMs: 1/10/40G, FTW
FPR-412060G19G27G8 x SFP+ on-chassis2 x NM’s: 1/10/40G, FTW
FPR-4125(New)80G35G41G8 x SFP+ on-chassis2 x NMs: 1/10/40G, FTW
FPR-414070G27G38G8 x SFP+ on-chassis2 x NM’s: 1/10/40G, FTW
FPR-4145(New)80G45G55G8 x SFP+ on-chassis2 x NMs: 1/10/40G, FTW
FPR-415075G39G52G8 x SFP+ on-chassis2 x NM’s: 1/10/40G, FTW

CALL NOW

Contact our sales experts to find out pricing and how to get your license through price inquiry form.

Detailed performance specifications and feature highlights

Table 1. Performance specifications and feature highlights for Firepower 4100 with the Cisco Firepower Threat defense image

Detailed performance specifications and feature highlights

Features4110411541204125414041454150
Throughput: FW + AVC (1024B)13 Gbps27 Gbps22 Gbps40 Gbps32 Gbps53 Gbps45 Gbps
Throughput: FW + AVC + IPS (1024B)11 Gbps26 Gbps19 Gbps35 Gbps27 Gbps45 Gbps39 Gbps
Maximum concurrent sessions, with AVC10 million15 million15 million25 million25 million30 million30 million
Maximum new connections per second, with AVC64K200K118K265K172K350K263K
TLS (Hardware Decryption)14.5 Gbps6.5 Gbps7.1 Gbps8 Gbps7.3 Gbps10 Gbps7.5 Gbps
Throughput: NGIPS (1024B)15 Gbps27 Gbps27 Gbps41 Gbps38 Gbps55 Gbps52 Gbps
IPSec VPN Throughput (1024B TCP w/Fastpath)6 Gbps8 Gbps10 Gbps14 Gbps13 Gbps18 Gbps14 Gbps
Maximum VPN Peers10,00015,00015,00020,00020,00020,00020,000
Multi-Instance CapableYes
Centralized managementCentralized configuration, logging, monitoring, and reporting are performed by the Management Center or alternatively in the cloud with Cisco Defense Orchestrator
Application Visibility and Control (AVC)Standard, supporting more than 4000 applications, as well as geolocations, users, and websites
AVC: OpenAppID support for custom, open source, application detectorsStandard
Cisco Security IntelligenceStandard, with IP, URL, and DNS threat intelligence
Cisco Firepower NGIPSAvailable; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence
Cisco AMP for NetworksAvailable; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco AMP for Endpoints is also optionally available
Cisco AMP Threat Grid sandboxingAvailable
URL Filtering: number of categoriesMore than 80
URL Filtering: number of URLs categorizedMore than 280 million
Automated threat feed and IPS signature updatesYes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group (https://www.cisco.com/c/en/us/products/security/talos.html)
Third-party and open-source ecosystemOpen API for integrations with third-party products; Snort® and OpenAppID community resources for new and specific threats
High availability and clusteringActive/standby. Cisco Firepower 4100 Series allows clustering of up to 6 chassis
Cisco Trust Anchor TechnologiesFirepower 4100 Series platforms include Trust Anchor Technologies for supply chain and software image assurance.

NOTE: Performance will vary depending on features activated, and network traffic protocol mix, and packet size characteristics. Performance is subject to change with new software releases. Consult your Cisco representative for detailed sizing guidance.

Table 2. ASA Performance and capabilities on Firepower 4100 appliances

ASA Performance and capabilities on Firepower 4100 appliances

Features4110411541204125414041454150
Stateful inspection firewall throughput135 Gbps80 Gbps60 Gbps80 Gbps70 Gbps80 Gbps75 Gbps
Stateful inspection firewall throughput (multiprotocol)215 Gbps40 Gbps30 Gbps45 Gbps40 Gbps50 Gbps50 Gbps
Concurrent firewall connections10 million15 million15 million25 million25 million40 million35 million
Firewall latency (UDP 64B microseconds)3.53.53.53.53.53.53.5
New connections per second150,000848K250,0001.1 million350,0001.5 million800,000
IPsec VPN throughput (450B UDP L2L test)8 Gbps15 Gbps10 Gbps19 Gbps14 Gbps23 Gbps15 Gbps
Maximum VPN Peers10,00015,00015,00020,00020,00020,00020,000
Security contexts (included; maximum)10; 25010; 25010; 25010; 25010; 25010; 25010; 250
High availabilityActive/active and active/standby
ClusteringUp to 16 appliances
ScalabilityVPN Load Balancing, Firewall Clustering.
Centralized managementCentralized configuration, logging, monitoring, and reporting are performed by Cisco Security Manager or alternatively in the cloud with Cisco Defense Orchestrator
Adaptive Security Device ManagerWeb-based, local management for small-scale deployments

CALL NOW

Contact our sales experts to find out pricing and how to get your license through price inquiry form.

Hardware specifications

Table 3. Cisco Firepower 4100 Series hardware specifications

Cisco Firepower 4100 Series hardware specifications

Features4110411541204125414041454150
Dimensions (H x W x D)1.75 x 16.89 x 29.7 in. (4.4 x 42.9 x 75.4 cm)
Form factor (rack units)1RU
SupervisorCisco Firepower 4000 Supervisor with 8 x 10 Gigabit Ethernet ports and 2 Network Module (NM) slots for I/O expansion
Network modules

●  8 x 10 Gigabit Ethernet Enhanced Small Form-Factor Pluggable (SFP+) network modules

●  4 x 40 Gigabit Ethernet Quad SFP+ network modules

●  8-port 1Gbps copper, FTW (fail to wire) Network Module

◦   6-port 1 Gbps SX Fiber FTW (fail to wire) Network Module

◦   6-port 10Gbps SR Fiber FTW (fail to wire) Network Module

◦   6-port 10Gbps LR Fiber FTW (fail to wire) Network Module

Maximum number of interfacesUp to 24 x 10 Gigabit Ethernet (SFP+) interfaces; up to 8 x 40 Gigabit Ethernet (QSFP+) interfaces with 2 network modules
Integrated network management ports

1 Gigabit Ethernet

Supports 1-G fiber or copper SFPs

Serial port1 x RJ-45 console
USB1 x USB 2.0
Storage200 GB400 GB200 GB800 GB400 GB800 GB400 GB
Power suppliesConfigurationSingle 1100W AC, dual optional. Single/dual 950W DC optional1, 2optional. Single/dual 950W DC optional1, 2Single 1100W AC, dual optional. Single/dual 950W DC optional1Dual 1100W AC1Dual 1100W AC1Dual 1100W AC1Dual 1100W AC1
AC input voltage100 to 240V AC
AC maximum input current13A
AC maximum output power1100W
AC frequency50 to 60 Hz
AC efficiency>92% at 50% load
DC input voltage-40V to -60VDC
DC maximum input current27A
DC maximum output power950W
DC efficiency>92.5% at 50% load
Redundancy1+1
Fans6 hot-swappable fans
Noise78 dBA
Rack mountableYes, mount rails included (4-post EIA-310-D rack)
Weight36 lb (16 kg): 2 x power supplies, 2 x NMs, 6x fans; 30 lb (13.6 kg): no power supplies, no NMs, no fans
Temperature: operating32 to 104°F
(0 to 40°C)
32 to 104°F
(0 to 40°C)
32 to 104°F
(0 to 40°C) or NEBS operation (see below)
32 to 104°F
(0 to 40°C)
32 to 95°F
(0 to 35°C), at sea level
32 to 95°F
(0 to 35°C), at sea level
32 to 95°F
(0 to 35°C), at sea level
Temperature: nonoperating-40 to 149°F (-40 to 65°C)
Humidity: operating5 to 95% noncondensing
Humidity: nonoperating5 to 95% noncondensing
Altitude: operating10,000 ft (max)10,000 ft (max)10,000 ft (max) or NEBS operation (see below)10,000 ft (max)10,000 ft (max)10,000 ft (max)
Altitude: nonoperating40,000 ft (max)
NEBS operation (FPR 4120 only)

Operating altitude: 0 to 13,000 ft (3960 m)

Operating temperature:

Long term: 0 to 45°C, up to 6,000 ft (1829 m)

Long term: 0 to 35°C, 6,000 to 13,000 ft (1829 to 3964 m)

Short term: -5 to 50°C, up to 6,000 ft (1829 m)

Table 4. Cisco Firepower 4100 Series NEBS, Regulatory, Safety, and EMC Compliance

Cisco Firepower 4100 Series NEBS, Regulatory, Safety, and EMC Compliance

SpecificationDescription
Regulatory complianceProducts comply with CE markings per directives 2004/108/EC and 2006/108/EC
Safety

●  UL 60950-1

●  CAN/CSA-C22.2 No. 60950-1

●  EN 60950-1

●  IEC 60950-1

●  AS/NZS 60950-1

●  GB4943

EMC: emissions

●  47CFR Part 15 (CFR 47) Class A (FCC Class A)

●  AS/NZS CISPR22 Class A

●  CISPR22 CLASS A

●  EN55022 Class A

●  ICES003 Class A

●  VCCI Class A

●  EN61000-3-2

●  EN61000-3-3

●  KN22 Class A

●  CNS13438 Class A

●  EN300386

●  TCVN7189

EMC: Immunity

●  EN55024

●  CISPR24

●  EN300386

●  KN24

●  TVCN 7317

●  EN-61000-4-2, EN-61000-4-3, EN-61000-4-4, EN-61000-4-5, EN-61000-4-6, EN-61000-4-8, EN61000-4-11

CALL NOW

Contact our sales experts to find out pricing and how to get your license through price inquiry form.