Cisco Firepower NGFW: Firewall Overview and Analysis

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  

See our complete list of top next-generation firewall vendors.
See user reviews for Cisco Firepower NGFW.

Company Description

Based in San Jose, California, Cisco is the world's largest networking infrastructure vendor. It also has a broad security, server and storage portfolio.

Product Description

Gartner placed Cisco in its Challengers quadrant. Its main product line is Cisco Firepower NGFW, which exists alongside its older Adaptive Security Appliance (ASA) product line, as well as its Meraki range for SMBs. In addition, the company offers two virtual firewalls (ASAv and NGFWv). Features include URL filtering, cloud-based sandboxing and malware protection, as well as integration with endpoint security, network traffic analysis, web gateway, email security, and network access control. It supports control of over 4,000 commercial applications with its Layer 7 application firewalling. Its OpenAppID tool enables development of custom application detectors.

"The Firepower is an integrated platform, with firewall, NGIPS, AMP, URL Filtering, and behavioral DDoS mitigation capability," said William Mabon, Senior Manager, Product Marketing for NGFW, Security Business Group, Cisco. "Cisco Firepower NGFW blocks more threats, and it contains those threats that get in faster."

Markets and Use Cases

SMBs, service providers, enterprise Internet edge, distributed enterprise/branch office deployments, industrial control environments, campus, data centers (traditional and micro-segmented), and carrier security gateway and Gi/SGi firewalling. Gartner calls Cisco "a good shortlist candidate for most enterprise use cases, particularly when enterprises want to deploy a broad set of security services that interact with the firewall."


1.2 Tbps clustered throughput, 57 million concurrent connections, 500,000 new connections per second.

Security Qualifications



IP, URL, and DNS threat intelligence


Physical and virtual appliances, support for Amazon AWS and Microsoft Azure public clouds.


Two endpoint agents are available:

  • Cisco AMP for Endpoints (Cisco Firepower correlates endpoint and network threats)
  • Cisco Umbrella, which enables both off-VPN DNS-based security plus the Cisco AnyConnect VPN client.


Firewalls start at less than $1,000. Prices start at just $35 per month with Cisco EasyPay leasing.


Loading Comments...