Cisco Firepower 2120


Cisco Firepower 2120 includes four NGFW security platforms focused on threat defense, and they provide business resiliency through superior threat defense. These platforms are uniquely designed with an innovative architecture with two multi-core CPUs. The range of firewall throughput ranges from 1.9 Gbps to 8.5 Gbps and can be handled from the Internet side.

Cisco Firepower 2120 General Introduction

The Cisco Firepower 2100 Series appliances can be deployed as next-generation firewalls (NGFWs) or as next-generation IPSs (NGIPS), making them ideal for everything from the edge of the Internet to the data center. A total of four new models are available.

The Firepower 2110 and 2120 firewalls have throughputs of 1.9 and 3 Gbps, respectively. They use 1 rack unit (RU) with increased port density and provide up to sixteen (16) 1_Gbps ports.

The Firepower 2130 and 2140 models have firewall throughputs of 5 and 8.5 Gbps, respectively. What makes these models unique is that users can customize them using network modules or NetMod. They provide up to twenty-four (24) 1 Gbps ports or twelve (12) 10 Gbps ports in a 1 RU unit.

Cisco Firepower 2120 Product Picture

Cisco Firepower 2120Cisco Firepower 2120

Cisco Firepower 2120 Datasheet

Throughput: FW + AVC 1024B1.2 Gbps2.0 Gbps3 Gbps4.75 Gbps
Throughput: FW + AVC + IPS (1024B)1.1 Gbps2.0 Gbps3 Gbps4.75 Gbps
Maximum concurrent sessions, with AVC100,0001 million1.2 million2 million
Maximum new connections per second, with AVC10,00012,00016,00024,000
TLS (Hardware Decryption)350 Mbps450 Mbps700 Mbps
IPSec VPN Throughput (1024B TCP w/Fastpath)750 Mbps1 Gbps1.5 Gbps
Maximum VPN Peers150035007500
Cisco Firepower Device Manager (local management)Yes (VMware only)YesYesYes

Cisco Firepower 2120  Ordering Info

FPR2110-BUNCisco Firepower 2110 Master Bundle
FPR2120-BUNCisco Firepower 2120 Master Bundle
FPR2130-BUNCisco Firepower 2130 Master Bundle
FPR2140-BUNCisco Firepower 2140 Master Bundle
Part Number (Network Module)Description
FPR2K-NM-8X10G=Spare Cisco Firepower 8-port SFP+ network module
Part Number (Appliances with FTD software)
FPR2110-NGFW-K9Cisco Firepower 2110 NGFW Appliance, 1RU
FPR2120-NGFW-K9Cisco Firepower 2120 NGFW Appliance, 1RU
FPR2130-NGFW-K9Cisco Firepower 2130 NGFW Appliance, 1RU, 1 x Network Module Bays
FPR2140-NGFW-K9Cisco Firepower 2140 NGFW Appliance, 1RU, 1 x Network Module Bays
Cisco Firepower 2100 Series NGFW Select Licenses
L-FPR2110T-TMC=Cisco Firepower 2110 Threat Defense Threat, Malware, and URL License
L-FPR2120T-TMC=Cisco Firepower 2120 Threat Defense Threat, Malware, and URL License
L-FPR2130T-TMC=Cisco Firepower 2130 Threat Defense Threat, Malware, and URL License
L-FPR2140T-TMC=Cisco Firepower 2140 Threat Defense Threat, Malware, and URL License
FPR2110-ASA-K9Cisco Firepower 2110 ASA Appliance, 1RU
FPR2120-ASA-K9Cisco Firepower 2120 ASA Appliance, 1RU
FPR2130-ASA-K9Cisco Firepower 2130 ASA Appliance, 1RU, 1 x Network Module Bays
FPR2140-ASA-K9Cisco Firepower 2140 ASA Appliance, 1RU, 1 x Network Module Bays
Optional ASA Software LicensesDescription
L-FPR2K-ENC-K9=License to enable strong encryption for ASA on Cisco Firepower 2100 Series
L-FPR2K-ASASC-10=Cisco Firepower 2100 Add-on 10 security context licenses
L-FPR2K-ASASC-5=Cisco Firepower 2100 Add-on 5 security context licenses

Cisco Firepower 2120 Features

Ensuring business resilience through superior security protection while maintaining consistent performance

Eliminate the performance cost of activating IPS

Double port density and performance compared to similar products on the market

5 minutes from connection to protection, easy to deploy

Save energy and space costs with 1 rack unit (RU)

The Firepower 2100 NGFW also has a unique ability to deliver consistently stable performance while supporting threat prevention features such as IPS. This is achieved through the adoption of an innovative dual multi-core architecture. Layer 2 and Layer 3 functions are handled on an NPU (Network Processor). Threat detection and other services are handled on a separate multicore x86 CPU. By splitting the workload, we eliminate the performance degradation that often occurs in other similar products when opening threat detection.

    Sorry, no attachment available !

    has been added to your cart: