Cisco Firepower 2100 Series appliances
The Cisco Firepower 2100 Series is a family of four threat-focused security platforms that deliver business resiliency and superior threat defense. They offers exceptional sustained performance when advanced threat functions are enabled. These platforms uniquely incorporate an innovative dual multicore CPU architecture that optimizes firewall, cryptographic, and threat inspection functions. The series’ firewall throughput range addresses use cases from the Internet edge to the data center. Network Equipment Building Standards (NEBS)- compliance is supported by the Cisco Firepower 2130 platform. 2100 Series platforms run either the Cisco Secure Firewall ASA or Threat Defense (FMC) software. They can be deployed in both firewall and dedicated IPS modes.
Product Number | FPR2140-ASA-K9 |
Product Description | Cisco Firepower 2140 ASA Appliance, 1RU,1 x Network Module Bays |
ASA Performance and Capabilities on Firepower Appliances | |
Stateful inspection firewall throughput | 20 Gbps |
Stateful inspection firewall throughput (multiprotocol) | 10 Gbps |
Concurrent firewall connections | 3 million |
New connections per second | 75000 |
Hardware Specifications | |
Dimensions (H x W x D) | 1.73 x 16.90 x 19.76 in. (4.4 x 42.9 x 50.2 cm) |
Form factor (rack units) | 1RU |
I/O module slots | 1 NM slot |
Integrated I/O | 12 x 10M/100M/1GBASE-T Ethernet interfaces (RJ-45), 4 x 10 Gigabit (SFP+) Ethernet interfaces |
Network modules | (FPR-NM-8X10G) 8 x 10 Gigabit Ethernet Enhanced Small Form-Factor Pluggable (SFP+) network module |
Maximum number of interfaces | Up to 24 total Ethernet ports (12x1G RJ-45, 4x10G SFP+, and network module with 8x10G SFP+) |
Integrated network management ports | 1 x 10M/100M/1GBASE-T Ethernet port (RJ-45) |
Cisco Firepower 2100 Series Data Sheet
Detailed performance specifications and feature highlights
Performance specifications and feature highlights for 2100 Series with Cisco Threat Defense software
Features | 2110 | 2120 | 2130 | 2140 | |
Throughput: FW + AVC (1024B) | 2.6 Gbps | 3.4 Gbps | 5.4 Gbps | 10.4 Gbps | |
Throughput: FW + AVC + IPS (1024B) | 2.6 Gbps | 3.4 Gbps | 5.4 Gbps | 10.4 Gbps | |
Maximum concurrent sessions, with AVC | 1 million | 1.5 million | 2 million | 3 million | |
Maximum new connections per second, with AVC | 14K | 18K | 30K | 57K | |
TLS | 365 Mbps | 475 Mbps | 760 Mbps | 1.4 Gbps | |
Throughput: IPS (1024B) | 2.6 Gbps | 3.5 Gbps | 5.4 Gbps | 10.5 Gbps | |
IPSec VPN Throughput (1024B TCP w/Fastpath) | 950 Mbps | 1.2 Gbps | 1.9 Gbps | 3.6 Gbps | |
Maximum VPN Peers | 1,500 | 3,500 | 7,500 | 10,000 | |
Cisco Firepower Device Manager (local management) | Yes | Yes | Yes | Yes | |
Centralized management | Centralized configuration, logging, monitoring, and reporting are performed by the Management Center or alternatively in the cloud with Cisco Defense Orchestrator | ||||
Application Visibility and Control (AVC) | Standard, supporting more than 4000 applications, as well as geolocations, users, and websites | ||||
AVC: OpenAppID support for custom, open source, application detectors | Standard | ||||
Cisco Security Intelligence | Standard, with IP, URL, and DNS threat intelligence | ||||
Cisco Firepower NGIPS | Available; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence | ||||
Cisco AMP for Networks | Available; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco Secure Endpoint is also optionally available | ||||
Cisco AMP Threat Grid sandboxing | Available | ||||
URL Filtering: number of categories | More than 80 | ||||
URL Filtering: number of URLs categorized | More than 280 million | ||||
Automated threat feed and IPS signature updates | Yes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group (https://www.cisco.com/c/en/us/products/security/talos.html) | ||||
Third-party and open-source ecosystem | Open API for integrations with third-party products; Snort®and OpenAppID community resources for new and specific threats | ||||
High availability and clustering | Active/standby | ||||
Cisco Trust Anchor Technologies | Firepower 2100 Series platforms include Trust Anchor Technologies for supply chain and software image assurance. Please see the section below for additional details |
Cisco Firepower 2100 Series Ordering information
Product number | Product description |
FPR2110-ASA-K9 | Cisco Firepower 2110 ASA Appliance, 1U. |
FPR2110-NGFW-K9 | Cisco Firepower 2110 NGFW Appliance, 1U. |
FPR2120-ASA-K9 | Cisco Firepower 2120 ASA Appliance, 1U. |
FPR2120-NGFW-K9 | Cisco Firepower 2120 NGFW Appliance, 1U. |
FPR2130-ASA-K9 | Cisco Firepower 2130 ASA Appliance, 1U, 1 x NetMod Bay. |
FPR2130-NGFW-K9 | Cisco Firepower 2130 NGFW Appliance, 1U, 1 x NetMod Bay. |
FPR2140-ASA-K9 | Cisco Firepower 2140 ASA Appliance, 1U, 1 x NetMod Bay. |
FPR2140-NGFW-K9 | Cisco Firepower 2140 NGFW Appliance, 1U, 1 x NetMod Bay. |