Cisco announced on Wednesday the launch of four new threat-focused Firepower next-generation firewalls (NGFWs) designed for banks, retailers and other businesses that conduct a high volume of sensitive transactions.
The new products are part of the Firepower 2100 series NGFWs, which provide throughput ranging between 1.9 and 8.5 Gbps, and support up to two dozen 1 Gigabit Ethernet (GE) ports or sixteen 10 GE ports.
According to Cisco, the new firewalls have a dual CPU, multi-core architecture designed to optimize firewall, cryptographic and threat inspection functionality.
“The design employs Intel multi-core CPUs for Layer 7 threat inspections (app visibility, intrusion detection, URL filtering, malware and file inspection, user identity, etc.) and a combination of merchant and a Network Processing Unit (NPU) for layer 2-4 traffic (stateful firewall, NAT, VPN-SSL encryption/decryption, and more),” explained Cisco’s David Stuart.
The networking giant says firewalls typically slow down throughput performance by up to 50 percent with intrusion prevention functionality fully enabled, but claims its new product can have a less than one percent impact.
Cisco also announced that it has made some improvements to its local, centralized and cloud-based management tools. This includes a web-based interface in the Firepower Device Manager to help users quickly deploy appliances via a setup wizard.
It also includes enhancements to the Firepower Management Center (FMC), which allows users to automate various security tasks, such as assessments, tuning, containment and remediation. The FMC can now also automatically receive third-party and customer-specific intelligence via the Threat Intelligence Director (TID).
Finally, Cisco said its Cloud Defense Orchestrator, designed for cloud-based policy management, now supports the Cisco Web Security Appliance (WSA) v. 11 and is available via a Europe-based cloud.
Related: Cisco Launches “Umbrella” Secure Internet Gateway
Related: Cisco CloudCenter Orchestrator Flaw Exploited in Attacks
Related: Cisco Finds New Zero-Day Linked to “Shadow Brokers” Exploit