Avatar

Simultaneously secure and save with new 7.0 features and subscription models

Organizations rely on Cisco Secure Firewall Threat Defense Virtual (formerly FTDv/NGFWv), Cisco’s proven network firewall with IPS, URL filtering, and malware defense that protects virtualized environments in private and public clouds.

In addition to the improved IPS performance with Snort 3 and the new support for Hyperconverged Infrastructure platforms, our 7.0 release brings a wealth of other visibility, management and performance enhancements. This includes two additional improvements for Secure Firewall Threat Defense Virtual: licensing enhancements that lower consumption cost, plus a much larger virtual appliance option, FTDv100, that provides increased performance with a 16-core CPU configuration.

Licensing enhancements

The capabilities of our virtual firewall offerings can be cost-effectively consumed with a new, flexible, tiered licensing model. By making the base software available as a subscription with 1, 3, and 5-Year terms, customers benefit with lower total cost of ownership. These subscriptions include basic online embedded support, further lowering ownership cost when compared to perpetual licenses. Further, subscriptions enable a shift in spending from CapEx to OpEx, and allow portability across on-prem and cloud deployments.

Additionally, we are introducing performance tiers for Secure Firewall Threat Defense Virtual. This includes a low entry price, suitable for organizations of all sizes and requirements. With the performance tier licensing model, customers can now pick and choose the tier that meets their throughput requirements. Throughput starts at 100Mbps and extending to 16Gbps. The performance-tiered licensing also provides different VPN session limit options, depending upon your deployment requirements.

Any of the licenses can be used on any supported configuration, allowing higher tier licenses on lower tier vCPU/memory configurations, for future expansion flexibility.

Table 1: Performance tiered license entitlements

firewall

Software upgrade considerations

For current deployments running 6.7 or below, the upgrade to 7.0 will, by default, maintain the variable license tier and uses the non-tiered license entitlements. Customers can also choose the specific performance tier from their Cisco Smart Licensing account using Firewall Management Center or the local Firepower Device Manager.

Customers who have an existing non-tiered license can continue to use all entitlements, including the new FTDv100 tier.

Figure 1: Tier Selection in Secure Firewall Management Center (FMC)

Firewall

Public Cloud

Performance-tiered licenses can be applied and used on any supported platform,  including public clouds like Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI) using the Bring Your Own License (BYOL) model.

The ability to use any of the performance-tiered licenses, on any supported resource combination, (i.e., vCPU/memory) enables virtual firewall licenses to be used on a wide variety of instance types across AWS, Azure, GCP and OCI platforms.

Support

The Base and TMC subscription include 8X5 online support at no additional cost and also provides software upgrades.

Cisco Solution Support is also available for the Base and TMC subscription that provides 24X7 technical phone support and is the recommended level of support.

References

Cisco Secure Firewall Threat Defense Virtual Appliance Data Sheet

Cisco Network Security Ordering Guide

Additional Resources

Snort 3: Rearchitected for Simplicity and Performance

Cisco Supports Secure Firewall Threat Defense Virtual on Nutanix AHV

Cisco Secure Firewall Threat Defense Virtual now supported on Cisco HyperFlex


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels

Instagram
Facebook
Twitter
LinkedIn



Authors

Uma Maheshwaran

Senior Product Manager

Network and Cloud Security