Latest

Cisco Next Generation Firewalls : Cisco Firepower 9300 Series introduction

Today I am going to talk about the Cisco Firepower 9300 series which is one of the most powerful box by Cisco systems. Cisco Firepower 9300 is a Next Generation Firewall and has various capabilities of AVC, IPS, AMP and URL filtering with the high throughput value.
  • AVC stands for Application Visibility and Control
  • IPS stands for Intrusion Prevention System
  • AMP stands for Advance Malware Protection

In this article, I will talk about Cisco 9300 Firepower next generation firewalls. Although you can have two different images in the box. You can use ASA image or NGFW image in all these 3 boxes as per the requirement in your network

Fig 1.1- Cisco Next Generation Firewalls- Cisco 9300 NGFW


Cisco Firepower 9300 is a highly scalable with carrier-grade, modular platform designed for service providers, high-performance computing centers, large data centers, campuses, high-frequency trading environments, and other environments that require low (less than 5-microsecond offload) latency and exceptional throughput. 

Cisco Firepower 9300 supports flow-offloading, programmatic orchestration, and the management of security services with RESTful APIs. It is also available in Network Equipment Building Standards (NEBS)-compliant configurations. 

Cisco Firepower 9300 Hardware Specifications
Let's talk about the hardware of Cisco Firepower 9300 which includes Network modules, Security modules and the interfaces supported in the Cisco Firepower 9300. It can support 2 Network module with supervisor engines and 3 Security module. 

For storage, it can provide Up to 2.4 TB per chassis (800 GB per security module in RAID-1 configurations.


Fig 1.2- Cisco 9300 NGFW throughput

Network modules
8 x 10 Gigabit Ethernet Enhanced Small Form-Factor Pluggable (SFP+) network modules
4 x 40 Gigabit Ethernet Quad SFP+ network modules
2 x 100 Gigabit Ethernet Quad SFP28 network modules (double-wide, occupies both network module bays)

Security modules
Cisco Firepower 9000 Security Module 24 with 2 x SSDs in RAID-1 configuration
Cisco Firepower 9000 Security Module 36 with 2 x SSDs in RAID-1 configuration

Maximum number of interfaces
Up to 24 x 10 Gigabit Ethernet (SFP+) interfaces; up to 8 x 40 Gigabit Ethernet (QSFP+) interfaces with 2 network modules