Cisco Firepower 2120 includes four NGFW security platforms focused on threat defense, and they provide business resiliency through superior threat defense. These platforms are uniquely designed with an innovative architecture with two multi-core CPUs. The range of firewall throughput ranges from 1.9 Gbps to 8.5 Gbps and can be handled from the Internet side.
Cisco Firepower 2120 General Introduction
The Cisco Firepower 2100 Series appliances can be deployed as next-generation firewalls (NGFWs) or as next-generation IPSs (NGIPS), making them ideal for everything from the edge of the Internet to the data center. A total of four new models are available.
The Firepower 2110 and 2120 firewalls have throughputs of 1.9 and 3 Gbps, respectively. They use 1 rack unit (RU) with increased port density and provide up to sixteen (16) 1_Gbps ports.
The Firepower 2130 and 2140 models have firewall throughputs of 5 and 8.5 Gbps, respectively. What makes these models unique is that users can customize them using network modules or NetMod. They provide up to twenty-four (24) 1 Gbps ports or twelve (12) 10 Gbps ports in a 1 RU unit.
Cisco Firepower 2120 Product Picture
Cisco Firepower 2120 Datasheet
|Throughput: FW + AVC 1024B||1.2 Gbps||2.0 Gbps||3 Gbps||4.75 Gbps|
|Throughput: FW + AVC + IPS (1024B)||1.1 Gbps||2.0 Gbps||3 Gbps||4.75 Gbps|
|Maximum concurrent sessions, with AVC||100,000||1 million||1.2 million||2 million|
|Maximum new connections per second, with AVC||10,000||12,000||16,000||24,000|
|TLS (Hardware Decryption)||–||350 Mbps||450 Mbps||700 Mbps|
|IPSec VPN Throughput (1024B TCP w/Fastpath)||–||750 Mbps||1 Gbps||1.5 Gbps|
|Maximum VPN Peers||–||1500||3500||7500|
|Cisco Firepower Device Manager (local management)||Yes (VMware only)||Yes||Yes||Yes|
Cisco Firepower 2120 Ordering Info
|FPR2110-BUN||Cisco Firepower 2110 Master Bundle|
|FPR2120-BUN||Cisco Firepower 2120 Master Bundle|
|FPR2130-BUN||Cisco Firepower 2130 Master Bundle|
|FPR2140-BUN||Cisco Firepower 2140 Master Bundle|
|Part Number (Network Module)||Description|
|FPR2K-NM-8X10G=||Spare Cisco Firepower 8-port SFP+ network module|
|Part Number (Appliances with FTD software)|
|FPR2110-NGFW-K9||Cisco Firepower 2110 NGFW Appliance, 1RU|
|FPR2120-NGFW-K9||Cisco Firepower 2120 NGFW Appliance, 1RU|
|FPR2130-NGFW-K9||Cisco Firepower 2130 NGFW Appliance, 1RU, 1 x Network Module Bays|
|FPR2140-NGFW-K9||Cisco Firepower 2140 NGFW Appliance, 1RU, 1 x Network Module Bays|
|Cisco Firepower 2100 Series NGFW Select Licenses|
|L-FPR2110T-TMC=||Cisco Firepower 2110 Threat Defense Threat, Malware, and URL License|
|L-FPR2120T-TMC=||Cisco Firepower 2120 Threat Defense Threat, Malware, and URL License|
|L-FPR2130T-TMC=||Cisco Firepower 2130 Threat Defense Threat, Malware, and URL License|
|L-FPR2140T-TMC=||Cisco Firepower 2140 Threat Defense Threat, Malware, and URL License|
|FPR2110-ASA-K9||Cisco Firepower 2110 ASA Appliance, 1RU|
|FPR2120-ASA-K9||Cisco Firepower 2120 ASA Appliance, 1RU|
|FPR2130-ASA-K9||Cisco Firepower 2130 ASA Appliance, 1RU, 1 x Network Module Bays|
|FPR2140-ASA-K9||Cisco Firepower 2140 ASA Appliance, 1RU, 1 x Network Module Bays|
|Optional ASA Software Licenses||Description|
|L-FPR2K-ENC-K9=||License to enable strong encryption for ASA on Cisco Firepower 2100 Series|
|L-FPR2K-ASASC-10=||Cisco Firepower 2100 Add-on 10 security context licenses|
|L-FPR2K-ASASC-5=||Cisco Firepower 2100 Add-on 5 security context licenses|
Cisco Firepower 2120 Features
Ensuring business resilience through superior security protection while maintaining consistent performance
Eliminate the performance cost of activating IPS
Double port density and performance compared to similar products on the market
5 minutes from connection to protection, easy to deploy
Save energy and space costs with 1 rack unit (RU)
The Firepower 2100 NGFW also has a unique ability to deliver consistently stable performance while supporting threat prevention features such as IPS. This is achieved through the adoption of an innovative dual multi-core architecture. Layer 2 and Layer 3 functions are handled on an NPU (Network Processor). Threat detection and other services are handled on a separate multicore x86 CPU. By splitting the workload, we eliminate the performance degradation that often occurs in other similar products when opening threat detection.
Sorry, no attachment available !