CISCO思科网络安全

思科 Firepower 1000 系列

面向小型办公室的企业级保护 在业务发展的同时保护业务安全。Firepower 1000 系列提供高性能、易用性、深入的可视性与可控性,可快速检测和阻止威胁。该系列在设计上优化了安全服务,而不会降低网络性能。

  • 型号:

Firepower 1000 型号对比

Firepower 1010

Firepower 1010

  • 台式机

  • 8 个 1 GE 端口

  • 650 Mbps NGFW 吞吐量

Firepower 1120

Firepower 1120

  • 机架安装

  • 8 个 1 GE 端口, 4 个 SFP 端口

  • 1.5 Gbps NGFW 吞吐量

Firepower 1140

Firepower 1140

  • 机架安装

  • 8 个 1 GE 端口, 4 个 SFP 端口

  • 2.2 Gbps NGFW 吞吐量


Cisco Firepower 1000 Series Appliances

The Cisco Firepower® 1000 Series is a family of four threat-focused Next-Generation Firewall (NGFW) security platforms that deliver business resiliency through superior threat defense. It offers exceptional sustained performance when advanced threat functions are enabled. The 1000 Series’ throughput range addresses use cases from the small office, home office, remote branch office to the Internet edge. The 1000 Series platforms run Cisco Firepower Threat Defense (FTD) and Cisco® Adaptive Security Appliance (ASA) software.

Model overview

Related image, diagram or screenshot

Cisco Firepower 1000 Series summary

Model

NGFW

Next-Generation Intrusion Prevention System (NGIPS)

Interfaces

FPR-1010

650 Mbps

650 Mbps

8 x RJ45

FPR-1120

1.5 Gbps

1.5 Gbps

8 x RJ45, 4 x SFP

FPR-1140

2.2 Gbps

2.2 Gbps

8 x RJ45, 4 x SFP

FPR-1150

3 Gbps

3 Gbps

8 x RJ45, 2 x SFP, 2 x 10G SFP+

Detailed performance specifications and feature highlights

Table 1.           Performance specifications and feature highlights for Cisco Firepower 1000 with the Cisco Firepower Threat Defense image

Features

1010

1120

1140

1150

Throughput: Firewall (FW) + Application Visibility and Control (AVC) (1024B)

650 Mbps

1.5 Gbps

2.2 Gbps

3 Gbps

Throughput: FW + AVC + Intrusion Prevention System (IPS) (1024B)

650 Mbps

1.5 Gbps

2.2 Gbps

3 Gbps

Maximum concurrent sessions, with AVC

100K

200K

400K

600K

Maximum new connections per second, with AVC

6K

15K

22K

28K

Transport Layer Security (TLS)

150 Mbps

700 Mbps

1 Gbps

1.4 Gbps

Throughput: NGIPS (1024B)

650 Mbps

1.5 Gbps

2.2 Gbps

3 Gbps

IPSec VPN throughput (1024B TCP w/Fastpath)

300 Mbps

1 Gbps

1.2 Gbps

1.4 Gbps

Maximum VPN Peers

75

150

400

800

Cisco Firepower Device Manager (local management)

Yes

Yes

Yes

Yes

Centralized management

Centralized configuration, logging, monitoring, and reporting are performed by the Management Center or alternatively in the cloud with Cisco Defense Orchestrator

AVC

Standard, supporting more than 4000 applications, as well as geolocations, users, and websites

AVC: OpenAppID support for custom, open-source application detectors

Standard

Cisco Security Intelligence

Standard, with IP, URL, and DNS threat intelligence

Cisco Firepower NGIPS

Available; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence

Cisco Advanced Malware Protection (AMP) for Networks

Available; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco AMP for Endpoints is also optionally available

Cisco AMP Threat Grid sandboxing

Available

URL filtering: number of categories

More than 80

URL filtering: number of URLs categorized

More than 280 million

Automated threat feed and IPS signature updates

Yes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos® group

Third-party and open-source ecosystem

Open API for integrations with third-party products; Snort® and OpenAppID community resources for new and specific threats

High availability and clustering

Active/standby

Cisco Trust Anchor Technologies

Cisco Firepower 1000 Series platforms include Trust Anchor Technologies for supply chain and software image assurance. Please see the section below for additional details

Note:     Performance will vary depending on features activated, and network traffic protocol mix, and packet size characteristics. Performance is subject to change with new software releases. Consult your Cisco representative for detailed sizing guidance.

Table 2.          ASA Performance and capabilities on Firepower 1000 appliances

Features

1010

1120

1140

1150

Stateful inspection firewall throughput1

2 Gbps

 4.5 Gbps

6 Gbps

7.5 Gbps

Stateful inspection firewall throughput (multiprotocol)2

1.4 Gbps

2.5 Gbps

3.5 Gbps

4.5 Gbps

Concurrent firewall connections

100,000

200,000

400,000

600,000

Firewall latency (UDP 64B microseconds)

-

-

-

-

New connections per second

25,000

75,000

 100,000

150,000

IPsec VPN throughput (450B UDP L2L test)

500 Mbps

1 Gbps

1.2 Gbps

1.7 Gbps

Maximum VPN Peers

75

150

400

800

Security contexts (included; maximum)

NA

2; 5

2; 5

2; 25

High availability

Active/active and Active/standby

Active/active and Active/standby

Active/active and Active/standby

Active/active and Active/standby

Clustering

-

Scalability

VPN Load Balancing

Centralized management

Centralized configuration, logging, monitoring, and reporting are performed by Cisco Security Manager or alternatively in the cloud with Cisco Defense Orchestrator

Adaptive Security Device Manager

Web-based, local management for small-scale deployments

Performance testing methodologies LINK

1.     Throughput measured with 1500B User Datagram Protocol (UDP) traffic measured under ideal test conditions.

2.     “Multiprotocol” refers to a traffic profile consisting primarily of TCP-based protocols and applications like HTTP, SMTP, FTP, IMAPv4, BitTorrent, and DNS.

Hardware specifications

Table 3.           Cisco Firepower 1000 Series hardware specifications

Features

1010

1120

1140

1150

Dimensions (H x W x D)

1.82 x 7.85 x 8.07 in.

1.72 x 17.2 x 10.58 in.

1.72 x 17.2 x 10.58 in.

1.72 x 17.2 x 10.58 in.

Form factor (rack units)

DT

1RU

1RU

1RU

Integrated I/O

8 x RJ-45 (Includes 2 POE+ capable ports)

8 x RJ-45, 4 x SFP

8 x RJ-45, 4 x SFP

8 x RJ-45, 2 x 1Gbps SFP, 2 x 1/10Gbps SFP+

Integrated network management ports

1 x 10M/100M/1GBASE-T Ethernet port (RJ-45)

1 x 10M/100M/1GBASE-T Ethernet port (RJ-45)

1 x 10M/100M/1GBASE-T Ethernet port (RJ-45)

1 x 10M/100M/1GBASE-T Ethernet port (RJ-45)

Serial port

1 x RJ-45 console

1 x RJ-45 console

1 x RJ-45 console

1 x RJ-45 console

USB

1 x USB 3.0 Type-A (500mA)

1 x USB 3.0 Type-A (500mA)

1 x USB 3.0 Type-A (500mA)

1 x USB 3.0 Type-A (500mA)

Storage

1 x 200 GB

1 x 200 GB

1 x 200 GB

1 x 200 GB

Power supply configuration

+12V and -53.5V

+12V

+12V

+12V

AC input voltage

100 to 240V AC

100 to 240V AC

100 to 240V AC

100 to 240V AC

AC maximum input current

< 2A at 100V, < 1A at 240V

< 2A at 100V, < 1A at 240V

< 2A at 100V, < 1A at 240V

< 2A at 100V, < 1A at 240V

AC maximum output power

115W (55W of +12V and 60W of -53.5V)

100W

100W

100W

AC frequency

50 to 60 Hz

50 to 60 Hz

50 to 60 Hz

50 to 60 Hz

AC efficiency

>88% at 50% load

>85% at 50% load

>85% at 50% load

>85% at 50% load

Redundancy

None

None

None

None

Fans

None

1 integrated fan2

1 integrated fan2

1 integrated fan2

Noise

0 dBA

31.7 dBA @ 25C, 56.8 dBA at highest system performance

34.2 dBA @ 25C, 56.8 dBA at highest system performance

34.2 dBA @ 25C, 56.8 dBA at highest system performance

Rack mountable

Yes. Separate kit must be ordered.

Yes. Fixed mount brackets included (2-post).

Yes. Fixed mount brackets included (2-post).

Yes. Fixed mount brackets included (2-post).

Weight

3 lb (1.36 kg)

8 lb (3.63 kg)

8 lb (3.63 kg)

8 lb (3.63 kg)

Temperature: operating

32 to 104°F (0 to 40°C)

32 to 104°F (0 to 40°C)

32 to 104°F (0 to 40°C)

32 to 104°F (0 to 40°C)

Temperature: nonoperating

-13 to 158°F (-25 to 70°C)

-13 to 158°F (-25 to 70°C)

-13 to 158°F (-25 to 70°C)

-13 to 158°F (-25 to 70°C)

Humidity: operating

90% noncondensing

90% noncondensing

90% noncondensing

90% noncondensing

Humidity: nonoperating

10 to 90% noncondensing

10 to 90% noncondensing

10 to 90% noncondensing

10 to 90% noncondensing

Altitude: operating

9843 ft (max)

3000 m (max)

9843 ft (max)

3000 m (max)

9843 ft (max)

3000 m (max)

9843 ft (max)

3000 m (max)

Altitude: nonoperating

15,000 ft (max)

15,000 ft (max)

15,000 ft (max)

15,000 ft (max)

Table 4.           Cisco Firepower 1000 Series regulatory, safety, and EMC compliance

Specification

Description

Regulatory compliance

Products comply with CE markings per directives 2004/108/EC and 2006/108/EC

Safety

  UL 60950-1
  CAN/CSA-C22.2 No. 60950-1
  EN 60950-1
  IEC 60950-1
  AS/NZS 60950-1
  GB4943

EMC: emissions

  47CFR Part 15 (CFR 47) Class A (FCC Class A)
  AS/NZS CISPR22 Class A
  CISPR22 CLASS A
  EN55022 Class A
  ICES003 Class A
  VCCI Class A
  EN61000-3-2
  EN61000-3-3
  KN22 Class A
  CNS13438 Class A
  EN300386
  TCVN7189

EMC: immunity

  EN55024
  CISPR24
  EN300386
  KN24
  TVCN 7317
  EN-61000-4-2, EN-61000-4-3, EN-61000-4-4, EN-61000-4-5, EN-61000-4-6, EN-61000-4-8, EN61000-4-11


首页
产品
新闻
联系