Cisco FPR3110
Thanks to Cisco Secure Firewall FPR3110 you will introduce the next level of security in your organization. Bet on the advanced variant of the next-generation firewall designed for medium and large enterprises looking for a comprehensive solution to protect your network infrastructure.
If you are using Cisco ASA devices, the FPR3110 is the right migration path.
The system uses advanced firewall technology that allows filtering the network traffic at the application level. It also offers IPS (Intrusion Prevention System) and VPN (Virtual Private Network) functions that provide access control and confidentiality of data transmitted over the network.
Additionally, Cisco FPR3110 has been equipped with network traffic analysis tools, thanks to which it can quickly detect and react to potential security threats. The scalability of the presented solution allows for easy expansion of the IT infrastructure depending on the changing business needs.
Cisco FPR3110 implementation – key benefits
Wondering if the Cisco Security 3110 series firewall is the right choice for you? Learn about the key benefits of a next-generation firewall.
High-quality network protection
The FPR3110 technology combines the advantages of a new generation firewall with advanced security features, providing comprehensive protection against external and internal threats.
Cisco Secure Firewalls are advanced security mechanisms such as:
- Cisco Security Intelligence – IP, URL and DNS threat detection
- Cisco Secure IPS – endpoint protection
- Cisco Malware Defence – enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco Secure Endpoint is also optionally available.
- Cisco Secure Malware Analytics
- URL Filtering – more than 80 categories, and 280 categorized URLs
Automation of security processes
Advanced machine learning and artificial intelligence algorithms used by the Cisco FPR3110 enable the automation of network security processes. This allows you to detect and respond to threats in real time, reducing response time and reducing the burden on IT staff.
Automatic updates of vulnerabilities and IPS signatures are guaranteed by the Collective Security Intelligence (CSI) of the Cisco Talos cell.
Application visibility control (AVC)
As standard, the FPR3110 provides the AVC function, supporting over 4,000 applications, as well as geolocation, users and websites. The FPR3100 series firewalls also support OpenAppID
Scalability and flexibility
The system provides scalable solutions for organizations of various sizes and network complexity. As a result, you can easily adapt it to your business needs, expand it as your organization grows, and provide flexibility in planning your network security strategy.
In addition, the Open API enables integration with external products such as Snort® and OpenAppID resources.
Ease of management
The Cisco Secure Firewall 3110’s simple and intuitive Firewall Management Center interface allows network administrators to easily configure, monitor, and manage the appliance. This, in turn, saves time and resources that your company can spend on strategic IT tasks.
If you prefer, you can manage your cloud firewall through the Cisco Defense Orchestrator.
High availability (HA)
Available modes: Active/active, Active/standby. The Cisco Secure Firewall 3100 allows you to create clusters of up to 8 chassis.
Implementation tailored to the needs of your organization
Take advantage of our offer and entrust us with the implementation directly at the company’s headquarters or in the cloud via virtual network protection. Check out how many advanced security and integration options the choice of next-generation firewall gives you now and entrust the cybersecurity in your organization to specialists from Grandmetric.
Performance and key functionalities
Model |
Firewall |
FW+AVC+IPS |
IPS Throughput |
Interfaces |
Optional interfaces |
FPR3105 |
10G |
10G |
10G |
8 x RJ45, 8 x 1/10G SFP+ |
10G SFP+ |
FPR3110 |
18G |
17G |
17G |
8 x RJ45, 8 x 1/10G SFP+ |
10G SFP+ |
FPR3120 |
22G |
21G |
21G |
8 x RJ45, 8 x 1/10G SFP+ |
10G SFP+ |
FPR3130 |
42G |
38G |
38G |
8 x RJ45, 8 x 1/10/25G SFP+ |
10G/25G/40G SFP+, 4X40G NM |
FPR3140 |
49G |
45G |
45G |
8 x RJ45, 8 x 1/10/25G SFP+ |
10G/25G/40G SFP+, 4X40G NM |
Specificatioin details
Feature |
FPR3105 |
FPR3110 |
FPR3120 |
FRP3130 |
FPR3140 |
Throughput: FW + AVC (1024B) |
10 Gbps |
17 Gbps |
21 Gbps |
38 Gbps |
45 Gbps |
Throughput: FW + AVC + IPS (1024B) |
10 Gbps |
17 Gbps |
21 Gbps |
38 Gbps |
45 Gbps |
Maximum concurrent sessions, with AVC |
1.5 mln |
2 mln |
4 mln |
6 mln |
10 mln |
Maximum new connections per second, with AVC |
90 thousand |
130 thousand |
170 thousand |
240 thousand |
300 thousand |
TLS |
3.2 Gbps |
4.8 Gbps |
6.7 Gbps |
9.1 Gbps |
11.5 Gbps |
Throughput: IPS (1024B) |
10 Gbps |
17 Gbps |
21 Gbps |
38 Gbps |
45 Gbps |
Throughput: IPSec VPN (1024B TCP w/Fastpath) |
5.5 Gbps |
8 Gbps |
10 Gbps |
17.8 Gbps |
22.4 Gbps |
Projected IPSec VPN Throughput
(1024B TCP w/Fastpath) with VPN Offload (FTD 7.2) |
NA |
11.5 Gbps |
13.5 Gbps |
33 Gbps |
39.4 Gbps |
Maximum VPN Peers |
2 thousand |
3 thousand |
6 thousand> |
15 thousand |
20 thousand |
Local On-device Management |
Yes |
Yes |
Yes> |
Yes |
Yes |
ASA Performance and capabilities on Secure Firewall 3100 appliances
Feature |
FPR3105 |
FPR3110 |
FPR3120 |
FRP3130 |
FPR3140 |
Stateful inspection firewall throughput * |
10 Gbps |
18 Gbps |
22 Gbps |
42 Gbps |
49 Gbps |
Stateful inspection firewall throughput (multiprotocol) ** |
9 Gbps |
15 Gbps |
17 Gbps |
39 Gbps |
43 Gbps |
Concurrent firewall connections |
1.5 mln |
2 mln |
4 mln |
6 mln |
10 mln |
New connections per second |
150 thousand |
300 thousand |
500 thousand |
875 thousand |
1.1 mln |
New connections per second |
3.2 Gbps |
4.8 Gbps |
6.7 Gbps |
9.1 Gbps |
11.5 Gbps |
IPsec VPN throughput
(450B UDP L2L test) |
5.5 Gbps |
8 Gbps |
10 Gbps |
14 Gbps |
17 Gbps |
IPSec VPN Throughput (1024B TCP w/Fastpath) |
5.5 Gbps |
8 Gbps |
10 Gbps |
17.8 Gbps |
22.4 Gbps |
Projected IPsec VPN throughput
(450B UDP L2L test) with VPN Offload (ASA 9.18) |
7 Gbps |
12 Gbps |
15.4 Gbps |
28 Gbps |
33 Gbps |
Maximum VPN Peers |
2 thousand |
3 thousand |
7 thousand |
15 thousand |
20 thousand |
Security contexts (included; maximum) |
2;100 |
2;100 |
2;100 |
2;100 |
2;100 |
High availability
|
Active/active; Active/standby |
Active/active; Active/standby |
Active/active; Active/standby |
Active/active; Active/standby |
Active/active; Active/standby |
Clustering |
8 |
8 |
8 |
8 |
8 |
Local On-device Management |
Yes |
Yes |
Yes> |
Yes |
Yes |
Local On-device Management |
Yes |
Yes |
Yes> |
Yes |
Yes |
Local On-device Management |
Yes |
Yes |
Yes |
Yes |
Yes |
* Throughput measured with 1500B User Datagram Protocol (UDP) traffic measured under ideal test conditions.
** “Multiprotocol” refers to a traffic profile consisting primarily of TCP-based protocols and applications like HTTP, SMTP, FTP, IMAPv4, BitTorrent, and DNS.