Cisco Firepower 4100 Series appliances
The Cisco Firepower 4100 Series is a family of seven threat-focused NGFW security platforms. Their throughput range addresses data center and internet edge use cases. They deliver superior threat defense, at faster speeds, with a smaller footprint. Cisco Firepower 4100 Series supports flow-offloading, programmatic orchestration, and the management of security services with RESTful APIs. Network Equipment Building Standards (NEBS)-compliance is supported by the Cisco Firepower 4120 platform. The 4100 Series platforms can run either the Cisco ASA Firewall or Cisco Firepower Threat Defense (FTD) software.
For more information, Security License
Model overview
Cisco Firepower 4100 Series summary:
| Cisco Firepower 4100 Series summary | |||||
|---|---|---|---|---|---|
| Model | Firewall | NGFW | NGIPS | Interfaces | Optional Interfaces |
| FPR-4110 | 35G | 11G | 15G | 8 x SFP+ on-chassis | 2 x NM’s: 1/10/40G, FTW |
| FPR-4115(New) | 80G | 26G | 27G | 8 x SFP+ on-chassis | 2 x NMs: 1/10/40G, FTW |
| FPR-4120 | 60G | 19G | 27G | 8 x SFP+ on-chassis | 2 x NM’s: 1/10/40G, FTW |
| FPR-4125(New) | 80G | 35G | 41G | 8 x SFP+ on-chassis | 2 x NMs: 1/10/40G, FTW |
| FPR-4140 | 70G | 27G | 38G | 8 x SFP+ on-chassis | 2 x NM’s: 1/10/40G, FTW |
| FPR-4145(New) | 80G | 45G | 55G | 8 x SFP+ on-chassis | 2 x NMs: 1/10/40G, FTW |
| FPR-4150 | 75G | 39G | 52G | 8 x SFP+ on-chassis | 2 x NM’s: 1/10/40G, FTW |
Detailed performance specifications and feature highlights
Table 1. Performance specifications and feature highlights for Firepower 4100 with the Cisco Firepower Threat defense image
| Detailed performance specifications and feature highlights | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| Features | 4110 | 4115 | 4120 | 4125 | 4140 | 4145 | 4150 | ||
| Throughput: FW + AVC (1024B) | 13 Gbps | 27 Gbps | 22 Gbps | 40 Gbps | 32 Gbps | 53 Gbps | 45 Gbps | ||
| Throughput: FW + AVC + IPS (1024B) | 11 Gbps | 26 Gbps | 19 Gbps | 35 Gbps | 27 Gbps | 45 Gbps | 39 Gbps | ||
| Maximum concurrent sessions, with AVC | 10 million | 15 million | 15 million | 25 million | 25 million | 30 million | 30 million | ||
| Maximum new connections per second, with AVC | 64K | 200K | 118K | 265K | 172K | 350K | 263K | ||
| TLS (Hardware Decryption)1 | 4.5 Gbps | 6.5 Gbps | 7.1 Gbps | 8 Gbps | 7.3 Gbps | 10 Gbps | 7.5 Gbps | ||
| Throughput: NGIPS (1024B) | 15 Gbps | 27 Gbps | 27 Gbps | 41 Gbps | 38 Gbps | 55 Gbps | 52 Gbps | ||
| IPSec VPN Throughput (1024B TCP w/Fastpath) | 6 Gbps | 8 Gbps | 10 Gbps | 14 Gbps | 13 Gbps | 18 Gbps | 14 Gbps | ||
| Maximum VPN Peers | 10,000 | 15,000 | 15,000 | 20,000 | 20,000 | 20,000 | 20,000 | ||
| Multi-Instance Capable | Yes | ||||||||
| Centralized management | Centralized configuration, logging, monitoring, and reporting are performed by the Management Center or alternatively in the cloud with Cisco Defense Orchestrator | ||||||||
| Application Visibility and Control (AVC) | Standard, supporting more than 4000 applications, as well as geolocations, users, and websites | ||||||||
| AVC: OpenAppID support for custom, open source, application detectors | Standard | ||||||||
| Cisco Security Intelligence | Standard, with IP, URL, and DNS threat intelligence | ||||||||
| Cisco Firepower NGIPS | Available; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence | ||||||||
| Cisco AMP for Networks | Available; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco AMP for Endpoints is also optionally available | ||||||||
| Cisco AMP Threat Grid sandboxing | Available | ||||||||
| URL Filtering: number of categories | More than 80 | ||||||||
| URL Filtering: number of URLs categorized | More than 280 million | ||||||||
| Automated threat feed and IPS signature updates | Yes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group (https://www.cisco.com/c/en/us/products/security/talos.html) | ||||||||
| Third-party and open-source ecosystem | Open API for integrations with third-party products; Snort® and OpenAppID community resources for new and specific threats | ||||||||
| High availability and clustering | Active/standby. Cisco Firepower 4100 Series allows clustering of up to 6 chassis | ||||||||
| Cisco Trust Anchor Technologies | Firepower 4100 Series platforms include Trust Anchor Technologies for supply chain and software image assurance. | ||||||||
NOTE: Performance will vary depending on features activated, and network traffic protocol mix, and packet size characteristics. Performance is subject to change with new software releases. Consult your Cisco representative for detailed sizing guidance.
For more information, Cisco firepower License
Table 2. ASA Performance and capabilities on Firepower 4100 appliances
| ASA Performance and capabilities on Firepower 4100 appliances | |||||||
|---|---|---|---|---|---|---|---|
| Features | 4110 | 4115 | 4120 | 4125 | 4140 | 4145 | 4150 |
| Stateful inspection firewall throughput1 | 35 Gbps | 80 Gbps | 60 Gbps | 80 Gbps | 70 Gbps | 80 Gbps | 75 Gbps |
| Stateful inspection firewall throughput (multiprotocol)2 | 15 Gbps | 40 Gbps | 30 Gbps | 45 Gbps | 40 Gbps | 50 Gbps | 50 Gbps |
| Concurrent firewall connections 10 million | 10 million | 15 million | 15 million | 25 million | 25 million | 40 million | 35 million |
| Firewall latency (UDP 64B microseconds) | 3.5 | 3.5 | 3.5 | 3.5 | 3.5 | 3.5 | 3.5 |
| New connections per second | 150,000 | 848K | 250,000 | 1.1 million | 350,000 | 1.5 million | 800,000 |
| IPsec VPN throughput (450B UDP L2L test) | 8 Gbps | 15 Gbps | 10 Gbps | 19 Gbps | 14 Gbps | 23 Gbps | 15 Gbps |
| Maximum VPN Peers | 10,000 | 15,000 | 15,000 | 20,000 | 20,000 | 20,000 | 20,000 |
| Security contexts (included; maximum) | 10; 250 | 10; 250 | 10; 250 | 10; 250 | 10; 250 | 10; 250 | 10; 250 |
| High availability | Active/active and active/standby | ||||||
| Clustering | Up to 16 appliances | ||||||
| Scalability | VPN Load Balancing, Firewall Clustering. | ||||||
| Centralized management | Centralized configuration, logging, monitoring, and reporting are performed by Cisco Security Manager or alternatively in the cloud with Cisco Defense Orchestrator | ||||||
| Adaptive Security Device Manager | Web-based, local management for small-scale deployments | ||||||
Hardware specifications
Table 3. Cisco Firepower 4100 Series hardware specifications
| Cisco Firepower 4100 Series hardware specifications | ||||||||
|---|---|---|---|---|---|---|---|---|
| Features | 4110 | 4115 | 4120 | 4125 | 4140 | 4145 | 4150 | |
| Dimensions (H x W x D) | 1.75 x 16.89 x 29.7 in. (4.4 x 42.9 x 75.4 cm) | |||||||
| Form factor (rack units) | 1RU | |||||||
| Supervisor | Cisco Firepower 4000 Supervisor with 8 x 10 Gigabit Ethernet ports and 2 Network Module (NM) slots for I/O expansion | |||||||
| Network modules |
|
|||||||
| Maximum number of interfaces | Up to 24 x 10 Gigabit Ethernet (SFP+) interfaces; up to 8 x 40 Gigabit Ethernet (QSFP+) interfaces with 2 network modules | |||||||
| Integrated network management ports | 1 Gigabit Ethernet
Supports 1-G fiber or copper SFPs |
|||||||
| Serial port | 1 x RJ-45 console | |||||||
| USB | 1 x USB 2.0 | |||||||
| Storage | 200 GB | 400 GB | 200 GB | 800 GB | 400 GB | 800 GB | 400 GB | |
| Power supplies | Configuration | Single 1100W AC, dual optional. Single/dual 950W DC optional1, 2 | optional. Single/dual 950W DC optional1, 2 | Single 1100W AC, dual optional. Single/dual 950W DC optional1 | Dual 1100W AC1 | Dual 1100W AC1 | Dual 1100W AC1 | Dual 1100W AC1 |
| AC input voltage | 100 to 240V AC | |||||||
| AC maximum input current | 13A | |||||||
| AC maximum output power | 1100W | |||||||
| AC frequency | 50 to 60 Hz | |||||||
| AC efficiency | >92% at 50% load | |||||||
| DC input voltage | -40V to -60VDC | |||||||
| DC maximum input current | 27A | |||||||
| DC maximum output power | 950W | |||||||
| DC efficiency | >92.5% at 50% load | |||||||
| Redundancy | 1+1 | |||||||
| Fans | 6 hot-swappable fans | |||||||
| Noise | 78 dBA | |||||||
| Rack mountable | Yes, mount rails included (4-post EIA-310-D rack) | |||||||
| Weight | 36 lb (16 kg): 2 x power supplies, 2 x NMs, 6x fans; 30 lb (13.6 kg): no power supplies, no NMs, no fans | |||||||
| Temperature: operating | (0 to 40°C) 32 to 104°F | (0 to 40°C) 32 to 104°F/td> | (0 to 40°C) or NEBS operation (see below) 32 to 104°F | (0 to 40°C) 32 to 95°F | (0 to 35°C), at sea level 32 to 95°F | (0 to 35°C), at sea level 32 to 95°F | (0 to 35°C), at sea level 32 to 95°F | |
| Temperature: nonoperating | -40 to 149°F (-40 to 65°C) | |||||||
| Humidity: operating | 5 to 95% noncondensing | |||||||
| Humidity: nonoperating | 5 to 95% noncondensing | |||||||
| Altitude: operating | 10,000 ft (max) | 10,000 ft (max) | 10,000 ft (max) 10,000 ft (max) or NEBS operation (see below) | 10,000 ft (max) | 10,000 ft (max) | 10,000 ft (max) | ||
| Altitude: nonoperating | 40,000 ft (max) | |||||||
| NEBS operation (FPR 4120 only) |
|
|||||||
Table 4. Cisco Firepower 4100 Series NEBS, Regulatory, Safety, and EMC Compliance
| Cisco Firepower 4100 Series NEBS, Regulatory, Safety, and EMC Compliance | |
|---|---|
| Specification | Description |
| Regulatory compliance | Products comply with CE markings per directives 2004/108/EC and 2006/108/EC |
| Safety |
|
| EMC: emissions |
|
| EMC: Immunity |
|
Cisco Firepower 4100 Order Pricing
Cisco Firepower 4100 Series try to enhance the of infrastructure and applications management in companies and corporate networks. It gives the access layer infrastructure to its trustworthy users. Indeed there are different ways to contact us and order. The customers should proceed from Cisco License price quote to order and link to our experts to give them the best information and guidance. Our experts give the accurate information to the customers to buy related products and licenses.
