Cisco Firepower 2120 includes four NGFW security platforms focused on threat defense, and they provide business resiliency through superior threat defense. These platforms are uniquely designed with an innovative architecture with two multi-core CPUs. The range of firewall throughput ranges from 1.9 Gbps to 8.5 Gbps and can be handled from the Internet side.

Cisco Firepower 2120 General Introduction

The Cisco Firepower 2100 Series appliances can be deployed as next-generation firewalls (NGFWs) or as next-generation IPSs (NGIPS), making them ideal for everything from the edge of the Internet to the data center. A total of four new models are available.

The Firepower 2110 and 2120 firewalls have throughputs of 1.9 and 3 Gbps, respectively. They use 1 rack unit (RU) with increased port density and provide up to sixteen (16) 1_Gbps ports.

The Firepower 2130 and 2140 models have firewall throughputs of 5 and 8.5 Gbps, respectively. What makes these models unique is that users can customize them using network modules or NetMod. They provide up to twenty-four (24) 1 Gbps ports or twelve (12) 10 Gbps ports in a 1 RU unit.

Cisco Firepower 2120 Product Picture

Cisco Firepower 2120Cisco Firepower 2120

Cisco Firepower 2120 Datasheet

NGFWv 2110 2120 2130 2140
Throughput: FW + AVC 1024B 1.2 Gbps 2.0 Gbps 3 Gbps 4.75 Gbps
Throughput: FW + AVC + IPS (1024B) 1.1 Gbps 2.0 Gbps 3 Gbps 4.75 Gbps
Maximum concurrent sessions, with AVC 100,000 1 million 1.2 million 2 million
Maximum new connections per second, with AVC 10,000 12,000 16,000 24,000
TLS (Hardware Decryption) 350 Mbps 450 Mbps 700 Mbps
IPSec VPN Throughput (1024B TCP w/Fastpath) 750 Mbps 1 Gbps 1.5 Gbps
Maximum VPN Peers 1500 3500 7500
Cisco Firepower Device Manager (local management) Yes (VMware only) Yes Yes Yes

Cisco Firepower 2120  Ordering Info

FPR2110-BUN Cisco Firepower 2110 Master Bundle
FPR2120-BUN Cisco Firepower 2120 Master Bundle
FPR2130-BUN Cisco Firepower 2130 Master Bundle
FPR2140-BUN Cisco Firepower 2140 Master Bundle
Part Number (Network Module) Description
FPR2K-NM-8X10G= Spare Cisco Firepower 8-port SFP+ network module
Part Number (Appliances with FTD software)
FPR2110-NGFW-K9 Cisco Firepower 2110 NGFW Appliance, 1RU
FPR2120-NGFW-K9 Cisco Firepower 2120 NGFW Appliance, 1RU
FPR2130-NGFW-K9 Cisco Firepower 2130 NGFW Appliance, 1RU, 1 x Network Module Bays
FPR2140-NGFW-K9 Cisco Firepower 2140 NGFW Appliance, 1RU, 1 x Network Module Bays
Cisco Firepower 2100 Series NGFW Select Licenses
L-FPR2110T-TMC= Cisco Firepower 2110 Threat Defense Threat, Malware, and URL License
L-FPR2120T-TMC= Cisco Firepower 2120 Threat Defense Threat, Malware, and URL License
L-FPR2130T-TMC= Cisco Firepower 2130 Threat Defense Threat, Malware, and URL License
L-FPR2140T-TMC= Cisco Firepower 2140 Threat Defense Threat, Malware, and URL License
FPR2110-ASA-K9 Cisco Firepower 2110 ASA Appliance, 1RU
FPR2120-ASA-K9 Cisco Firepower 2120 ASA Appliance, 1RU
FPR2130-ASA-K9 Cisco Firepower 2130 ASA Appliance, 1RU, 1 x Network Module Bays
FPR2140-ASA-K9 Cisco Firepower 2140 ASA Appliance, 1RU, 1 x Network Module Bays
Optional ASA Software Licenses Description
L-FPR2K-ENC-K9= License to enable strong encryption for ASA on Cisco Firepower 2100 Series
L-FPR2K-ASASC-10= Cisco Firepower 2100 Add-on 10 security context licenses
L-FPR2K-ASASC-5= Cisco Firepower 2100 Add-on 5 security context licenses

Cisco Firepower 2120 Features

Ensuring business resilience through superior security protection while maintaining consistent performance

Eliminate the performance cost of activating IPS

Double port density and performance compared to similar products on the market

5 minutes from connection to protection, easy to deploy

Save energy and space costs with 1 rack unit (RU)

The Firepower 2100 NGFW also has a unique ability to deliver consistently stable performance while supporting threat prevention features such as IPS. This is achieved through the adoption of an innovative dual multi-core architecture. Layer 2 and Layer 3 functions are handled on an NPU (Network Processor). Threat detection and other services are handled on a separate multicore x86 CPU. By splitting the workload, we eliminate the performance degradation that often occurs in other similar products when opening threat detection.

    Sorry, no attachment available !