Introducing the Cisco FTDv Firewall
FTDv, as in the Cisco Firepower FTDv license, stands for Firepower Threat Defense Virtual Appliance. Cisco's next-generation firewall lets you protect your workloads against an ever-growing set of threats while delivering a consistent set of security policies, visibility, and improved threat response. With the power of Cisco, your existing network infrastructure across all locations, such as data centers, branch offices, cloud infrastructure, and anywhere else, becomes a comprehensive firewall solution that maintains consistent security wherever you need it.
Today, businesses rely on a mixture of physical and virtual solutions to meet their network security needs. They need the flexibility to deploy different physical and virtual firewalls across a wide range of environments while still maintaining consistent policy throughout branch offices, corporate datacenters, and all entry points between. From data center consolidation to office relocations, mergers and acquisitions, or seasonal peaks in demand on your applications, Cisco’s virtual firewall portfolio helps businesses simplify security management with the convenience of unified policy and the flexibility to deploy everywhere.
Cisco® Next-Generation Firewall Virtual (NGFWv) appliance combines Cisco’s proven network firewall with advanced next-gen IPS, URL filtering, and malware detection. Identify and eliminate threats automatically, freeing up security and network operations teams. NGFWv also simplifies protecting virtualized environments by enabling consistent security policies to follow your workloads across physical, private, and public cloud environments. Get deep visibility into your network to quickly detect threat origin and activity, then stop attacks before they impact your business. Cisco virtual firewall offerings mitigate any significant shift in demand on your IT department so you can protect your workloads against increasingly complex threats with world-class security controls.
NGFWv is the virtualized option of our popular NGFW solution and offers security in traditional physical data centers and private and public clouds. Prioritize threats with automated risk rankings and impact flags to focus your resources on events requiring immediate action. License portability provides the flexibility to move from your on-premises private cloud to a public cloud while maintaining consistent policy and unified management across all of your appliances. Cisco Smart Software Licensing makes it easy to deploy, manage, and track virtual instances of the appliance running on your premises.
Get the same power of the NGFW for your public and private clouds with these benefits:
Automated risk ranking and impact flags
Prioritize threats by gaining full visibility over your environment. Reduce the noise and volume of events to hone in on the high-impact items requiring immediate administrator action. Set rule recommendations that correlate host profiles with a level of vulnerability to automate impact analysis and contextualize the data, leveraging the best-of-breed Snort open-source intrusion prevention system (IPS).
License portability across clouds
Deploy appliances everywhere, from your super data center to your branch office, with the portability of one license to support virtual and physical solutions across public or private clouds (VMware, KVM, Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), government clouds). Expand, contract, or relocate workloads over time and span physical, virtual, and public cloud infrastructures with one license.
Unified management and automated threat correlation
Stop more threats by containing known and unknown malware with leading Advanced Malware Protection (AMP) and URL filtering. Reduce the complexity of managing multiple security products through a unified management of integrated tools.
Table 1. Features and specifications for NGFWv
| Features | Specifications |
|---|---|
| Cisco Firepower Device Manager (local management) | ESXi and KVM; Azure: Version 6.5 and above; AWS: 6.6 and above |
| Centralized management | Centralized configuration, logging, monitoring, and reporting are performed by the Cisco Firepower Management Center (all platforms including on-premises and in AWS, Azure, GCP and OCI (6.7 and above)) or alternatively in the cloud with Cisco Defense Orchestrator (ESXi and KVM; Azure: Version 6.5 and above) |
| Application Visibility and Control (AVC) | Standard, supporting more than 4000 applications, as well as geolocations, users, and websites |
| AVC: OpenAppID support for custom, open-source, application detectors | Standard |
| Cisco Security Intelligence | Standard, with IP, URL, and DNS threat intelligence |
| Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS) | Available; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence |
| Cisco Advanced Malware Protection (AMP) for Networks | Available; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco AMP for Endpoints is also optionally available. |
| Cisco AMP Threat Grid sandboxing | Available |
| URL filtering: number of categories | More than 80 |
| URL filtering: number of URLs categorized | More than 280 million |
| Automated threat feed and IPS signature updates | Yes: Class-leading Collective Security Intelligence (CSI) from the Cisco Talos® group (https://www.cisco.com/c/en/us/products/security/talos.html) |
| Third-party and open-source ecosystem | Open API for integrations with third-party products; Snort® and OpenAppID community resources for new and specific threats |
| High availability and clustering | Active/standby (ESXi and KVM only) |
| Deployment modes | Routed, transparent (inline set — IPS-only), and passive; AWS, Azure, GCP and OCI: routed mode only |
Note: Performance will vary depending on features activated, network traffic protocol mix, and packet size characteristics. Performance is subject to change with new software releases. Consult your Cisco representative for detailed sizing guidance.
Product performance guidelines
Note: Your performance may vary from the below. These should be considered general guidelines. Your actual performance will depend on your test environment, including CPU type, CPU speed, cache, number of interfaces, etc.
Table 2. Performance specifications for NGFWv (ESXi/KVM)
| Specification | 4 vCPU | 8 vCPU | 12 vCPU |
|---|---|---|---|
| Throughput: FW + AVC (1024B) | 3 Gbps | 5.5 Gbps | 10 Gbps |
| Throughput: FW + AVC + IPS (1024B) | 3 Gbps | 5.5 Gbps | 10 Gbps |
| Throughput: FW + AVC (450B) | 1.5 Gbps | 3 Gbps | 5 Gbps |
| Throughput: FW + AVC + IPS (450B) | 1 Gbps | 2 Gbps | 3 Gbps |
| Maximum concurrent sessions | 100,000 | 250,000 | 500,000 |
| Maximum new connections per second | 20,000 | 20,000 | 40,000 |
| Maximum VPN peers | 250 | 250 | 750 |
| IPSec VPN throughput (1024B TCP w/Fastpath) | 1.1 Gbps | 2 Gbps | 4 Gbps |
Table 3. Performance specifications for NGFWv 6.7 and later – AWS
| AWS instance type | c5.xlarge | c5.2xlarge | c5.4xlarge |
|---|---|---|---|
| Throughput: FW + AVC (1024B) | 2.2 Gbps | 4.3 Gbps | 8.6 Gbps |
| Throughput: FW + AVC + IPS (1024B) | 2.2 Gbps | 4.3 Gbps | 8.4 Gbps |
| Throughput: FW + AVC (450B) | 830 Mbps | 1.4 Gbps | 3.8 Gbps |
| Throughput: FW + AVC + IPS (450B) | 830 Mbps | 1.4 Gbps | 3.2 Gbps |
| Maximum concurrent sessions | 100,000 | 200,000 | 2M |
| Maximum new connections per second | 24,500 | 45,900 | 82,800 |
| Maximum VPN peers | 250 | 250 | 10,000 |
| IPSec VPN throughput (1024B TCP w/Fastpath) | 1.4 Gbps | 1.4 Gbps | 4 Gbps |
Table 4. Performance specifications for NGFWv 6.7 and later – Azure*
| Azure VM type | D3_v2 | D4_v2 | D5_v2 |
|---|---|---|---|
| Throughput: FW + AVC (1024B) | 1.4 Gbps | 1.4 Gbps | 2.1 Gbps |
| Throughput: FW + AVC + IPS (1024B) | 1.4 Gbps | 1.4 Gbps | 2.1 Gbps |
| Throughput: FW + AVC (450B) | 450 Mbps | 450 Mbps | 550 Mbps |
| Throughput: FW + AVC + IPS (450B) | 450 Mbps | 450 Mbps | 540 Mbps |
| Maximum concurrent sessions | 100,000 | 250,000 | 1.5M |
| Maximum new connections per second | 11,550 | 12,480 | 14,540 |
| Maximum VPN peers | 250 | 250 | 10,000 |
| IPSec VPN throughput (1024B TCP w/Fastpath) | 839 Mbps | 1.6 Gbps | 2.7 Gbps |
Table 5. Performance specifications for NGFWv 6.7 and later – GCP
| GCP machine type | c2-standard-4 | c2-standard-8 | c2-standard-16 |
|---|---|---|---|
| Throughput: FW + AVC (1024B) | 1.5 Gbps | 5.1 Gbps | 9.9 Gbps |
| Throughput: FW + AVC + IPS (1024B) | 1.4 Gbps | 5.4 Gbps | 9.7 Gbps |
| Throughput: FW + AVC (450B) | 450 Mbps | 1.7 Gbps | 2.3 Gbps |
| Throughput: FW + AVC + IPS (450B) | 630 Mbps | 1.2 Gbps | 2.1 Gbps |
| Maximum concurrent sessions | 100,000 | 250,000 | 2M |
| Maximum new connections per second | 12,000 | 45,000 | 84,000 |
| Maximum VPN peers | 250 | 250 | 10,000 |
| IPSec VPN throughput (1024B TCP w/Fastpath) | 1.5 Gbps | 1.5 Gbps | 4.1 Gbps |
Table 6. Performance specifications for NGFWv 6.7 and later – OCI*
| OCI shape type | VM.Standard2.4 | VM.Standard2.8 |
|---|---|---|
| Throughput: FW + AVC (1024B) | 1.2 Gbps | 2.4 Gbps |
| Throughput: FW + AVC + IPS (1024B) | 1.2 Gbps | 2.4 Gbps |
| Throughput: FW + AVC (450B) | 410 Mbps | 920 Mbps |
| Throughput: FW + AVC + IPS (450B) | 390 Mbps | 910 Mbps |
| Maximum concurrent sessions | 250,000 | 2M |
| Maximum new connections per second | 4900 | 10,000 |
| Maximum VPN peers | 250 | 10,000 |
| IPSec VPN throughput (1024B TCP w/Fastpath) | 1.2 Gbps | 1.5 Gbps |
Table 7. System requirements for NGFWv
| Specification | Description |
|---|---|
| VMware and KVM: Virtual CPUs and memory (6.4 and above) | 4 vCPU/8GB; 8 vCPU/16GB; 12 vCPU/24GB |
| VMware and KVM: Virtual CPUs and memory (6.3 and earlier) | 4 vCPU/8GB |
| Storage | 50GB for all FTDv configurations |
| Hypervisor support | ESXi 6.0, 6.5, 6.7; KVM |
| AWS Support | Instances: c3.xlarge, c4.xlarge; Instances: c5.xlarge, c5.2xlarge, & c5.4xlarge (6.6 and above); Gov Marketplace; China Marketplace; Auto-Scale; Enhanced Networking |
| Azure Support | Instances: D3, D3_v2; Instances: D4_v2 and D5_v2 (6.5 and above); Gov Marketplace; China Marketplace; Auto-Scale; Accelerated Networking |
| GCP Support (6.7 and above) | Instances: c2-standard-4, c2-standard-8, c2-standard-16, n1-standard-4, n1-standard-8, n1-standard-16, n2-standard-4, n2-standard-8, n2-standard-16, n1-highcpu-8, n2-highcpu-8, n1-highcpu-16, n2-highmem-4, n2-highmem-8, n2-highmem-16, n2-highcpu-16 |
| OCI Support (6.7 and above) | Instances: VM.Standard2.4, VM.Standard2.8 |
Table 8. Ordering information for NGFWv
| Part number | Description |
|---|---|
| FPRTD-V-K9 | Cisco Firepower Threat Defense (TD) Virtual Appliance |
| L-FPRTD-V-T | Cisco Firepower TD Virtual Threat Protection |
| L-FPRTD-V-TM | Cisco Firepower TD Virtual Threat and Malware Protection |
| L-FPRTD-V-TC | Cisco Firepower TD Virtual Threat Protection and URL |
| L-FPRTD-V-TMC | Cisco Firepower TD Virtual Threat, Malware, and URL Filtering |
| L-FPRTD-V-AMP | Cisco Firepower TD Virtual Malware Protect |
| L-FPRTD-V-URL | Cisco Firepower Threat Defense Virtual URL Filtering |
Cisco environmental sustainability
Information about Cisco’s environmental sustainability policies and initiatives for our products, solutions, operations, and extended operations or supply chain is provided in the “Environment Sustainability” section of Cisco’s Corporate Social Responsibility (CSR) Report.
Reference links to information about key environmental sustainability topics (mentioned in the “Environment Sustainability” section of the CSR Report) are provided in the following table:
| Sustainability topic | Reference |
|---|---|
| Information on product material content laws and regulations | |
| Information on electronic waste laws and regulations, including products, batteries, and packaging | |