Cisco Firepower 4100 Series Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Firewall
  5. Firepower 4100 Series
  6. Manual

Cisco Firepower 4100 Series Manual

Hide thumbs Also See for Firepower 4100 Series:
Table of Contents

Advertisement

Quick Links

Overview

Features

The Cisco Firepower 4100 series security appliance is a standalone modular security services platform. It is
capable of running multiple security services simultaneously and so is targeted at the data center as a
multiservice platform. The series includes the Firepower 4110, 4120, 4140, and 4150. See
on page 26
The Firepower 4100 series supports Cisco Firepower Threat Defense, Cisco Firepower eXtensible Operating
System (FXOS), and Cisco ASA software. See
software and hardware compatibility information for the Firepower 4100 series.
The Firepower 4100 is certified for the following security standards on ASA 9.8.x and FTD 6.2.x:
• Common Criteria (CC) and Commercial Solutions for Classified (CSFC)
• Federal Information Processing Standards (FIPS)
• Department of Defense Information Network Approved Product List (DoDIN APL)
• US Government Compliance for IPv6 (USGv6)
Features, on page 1
Package Contents, on page 4
Front Panel, on page 6
Front Panel LEDs, on page 7
Rear Panel, on page 8
Network Modules, on page 9
Fan Modules, on page 20
Product ID Numbers, on page 26
for a list of the product IDs (PIDs) associated with the 4100 series.
Cisco Firepower 4100/9300 FXOS
Product ID Numbers,
Compatibility, which lists
Overview
1

Advertisement

Table of Contents
loading

Related Manuals for Cisco Firepower 4100 Series

Summary of Contents for Cisco Firepower 4100 Series

  • Page 1: Table Of Contents

    Power Cord Specifications, on page 29 Features The Cisco Firepower 4100 series security appliance is a standalone modular security services platform. It is capable of running multiple security services simultaneously and so is targeted at the data center as a multiservice platform.
  • Page 2 Overview Features The Firepower 4100 series is certified for the following security standards on ASA 9.12.x and FTD 6.4.x: • DoDIN APL See the "Security Certifications Compliance" chapter in the Cisco FXOS CLI Configuration Guide Cisco FXOS Firepower Chassis Manager Configuration Guide for the procedure to enable security modes.
  • Page 3 Overview Features Feature 4110 4120 4140 4150 Network ports Eight fixed 1-Gb and 10-Gb SFP ports (named Ethernet 1/1 through 1/8) SFP ports Eight fixed 1-Gb and 10-Gb SFP ports Pullout asset card Displays the serial number; on the front panel Grounding lug On rear panel Locator beacon...

  • Page 4: Deployment Options

    Overview Deployment Options Deployment Options Here are some examples of how you can deploy the Firepower 4100: • In a data center using NGFW and ASA • At the core/aggregation layer of a 3-tier data center in a high availability configuration •...

  • Page 5: Serial Number Location

    Welcome to the Cisco Firepower 4100 Serial Number Location The serial number for the Firepower 4100 series chassis is located on the pullout asset card on the front panel. Figure 3: Serial Number on the 4100 Chassis You can also view additional model information on the compliance label located on the bottom of the chassis.

  • Page 6: Front Panel

    Overview Front Panel Figure 4: Compliance Label on the 4100 Chassis Front Panel The following figure shows the front panel of the Firepower 4100. Figure 5: Firepower 4100 Front Panel RJ-45 console port Gigabit Ethernet management port USB 2.0 Type A port Eight fixed SFP+ (1-Gb/10-Gb) ports (in network module slot 1) Gigabit Ethernet 1/1 through 1/8 labeled top to...

  • Page 7: Front Panel Leds

    Overview Front Panel LEDs Network module 3 The 10-Gb network module is shown. Note Front Panel LEDs The following figure and table describe the Firepower 4100 front panel LEDs. Figure 6: Front Panel LEDs Management Health (SYS) • Off—No connection or port is not in use. •...

  • Page 8: Rear Panel

    Overview Rear Panel Active (ACT) Locator LED This LED is not supported; reserved for future • Off—Locate is off. use. • Blue—Locate is on. Network activity • Off—No connection or port is not in use. • Amber—No link or network failure. •...

  • Page 9: Network Modules

    Make sure you have the correct firmware package and software version installed to support this network module. For instructions on how to verify your firmware package version and to upgrade the firmware if necessary, see the Cisco Firepower 4100/9300 FXOS Firmware Upgrade Guide. See Cisco Firepower 4100/9300 FXOS Compatibility for the software compatibility matrix.
  • Page 10 Overview 40-Gb Network Module Note You can fit four copper SFPs in either the top row of ports or the bottom row of ports. Both rows cannot be populated at the same time, because of the port row spacing. Figure 8: FPR4K-NM-8X10G Captive screw/handle Ethernet X/1 Ethernet X/3...

  • Page 11: Hardware Bypass Network Modules

    Make sure you have the correct firmware package and software version installed to support this network module. For instructions on how to verify your firmware package version and to upgrade the firmware if necessary, see the Cisco Firepower 4100/9300 FXOS Firmware Upgrade Guide. See Cisco Firepower 4100/9300 FXOS Compatibility for the software compatibility matrix.
  • Page 12 Overview Hardware Bypass Network Modules Note Hardware bypass is only supported in inline mode. Also, hardware bypass support depends on your software application. Note When the appliance switches from normal operation to hardware bypass or from hardware bypass back to normal operation, traffic may be interrupted for several seconds.
  • Page 13 Make sure you have the correct firmware package and software version installed to support this network module. For instructions on how to verify your firmware package version and to upgrade the firmware if necessary, see the Cisco Firepower 4100/9300 FXOS Firmware Upgrade Guide. See Cisco Firepower 4100/9300 FXOS Compatibility for the software compatibility matrix.
  • Page 14 Make sure you have the correct firmware package and software version installed to support this network module. For instructions on how to verify your firmware package version and to upgrade the firmware if necessary, see the Cisco Firepower 4100/9300 FXOS Firmware Upgrade Guide. See Cisco Firepower 4100/9300 FXOS Compatibility for the software compatibility matrix.
  • Page 15 50 m cable distance Note See the Cisco 40GBASE QSFP Modules Data Sheet for specifications of the QSFP for the 40-Gb BASE-SR-4. We recommend the following Cisco OM3 MTP/MPO cables. Table 3: Cisco Cables Cisco Part Number Cable Length CAB-ETH-40G-5M...
  • Page 16 Make sure you have the correct firmware package and software version installed to support this network module. For instructions on how to verify your firmware package version and to upgrade the firmware if necessary, see the Cisco Firepower 4100/9300 FXOS Firmware Upgrade Guide. See Cisco Firepower 4100/9300 FXOS Compatibility for the software compatibility matrix.
  • Page 17 Overview 1-Gb SX/10-Gb SR/10-Gb LR Network Module with Hardware Bypass Table 4: 1-Gb SX Network Module (FPR4K-NM-6X1SX-F) Operating Mode Typical Maximum Insertion loss Normal 0.9 dB 1.4 dB Hardware bypass 1.2 dB 1.7 dB Core diameter (microns) Modal bandwidth Cable distance (MHz/km) Note Half the...

  • Page 18: Power Supply Modules

    Overview Power Supply Modules Insertion loss Normal 1.2 dB 1.6 dB Hardware bypass 1.5 dB 1.9 dB Core diameter (microns) Modal bandwidth Cable distance (MHz/km) Note Half the distance specified by the IEEE standard. Cable and operating G.652 Single mode 5 km distance Power Supply Modules...
  • Page 19 Overview Power Supply Modules Maximum current 13 A (at 100 V AC) The system power requirements are lower than the power Note supply module capabilities. See Hardware Specifications, on page 24 for the system power requirements. Maximum output power 1100 W Frequency 50 to 60 Hz Redundancy...

  • Page 20: Fan Modules

    Overview Fan Modules Figure 13: Power Supply Module LEDs Amber FAIL LED Green OK LED The following table describes the power module supply LEDs and their states. Table 9: Power Supply Module LEDs Amber LED (Fail Green LED (OK Status) Status) No power to all power supplies Power supply module failure...

  • Page 21: Supported Sfp/Sfp+ And Qsfp Transceivers

    Overview Supported SFP/SFP+ and QSFP Transceivers The fan modules are numbered left to right, for example, FAN1, FAN2, FAN3, FAN4, FAN5, and FAN6. Remove and Replace the Fan Module for the procedure for removing and replacing the fan module. The following figure shows the location of the fan LED. Figure 14: Fan LED Two-color LED The fan module has one two-color LED, which is located on the upper left corner of the fan.
  • Page 22 Caution For some earlier production Firepower 4100 chassis, you may experience difficulty using the GLC-TE SFP on the management port or fixed ports. Contact Cisco TAC for support if you encounter problems with the GLC-TE SFP. The following table lists the Cisco supported transceivers.
  • Page 23 Overview Supported SFP/SFP+ and QSFP Transceivers 10G-LRM SFP-10G-LRM 10G-ER SFP-10G-ER 10G-ER-S SFP-10G-ER-S 10G-ZR-S SFP-10G-ZR-S 10G Cu, 1m SFP-H10GB-CU1M 10G Cu, 1.5m SFP-H10GB-CU1-5M 10G Cu, 2m SFP-H10GB-CU2M 10G Cu, 2.5m SFP-H10GB-CU2-5M 10G Cu, 3m SFP-H10GB-CU3M 10G Cu, 5m SFP-H10GB-CU5M 10G Cu, 7m SFP-H10GB-ACU7M 10G Cu, 10m SFP-H10GB-ACU10M...

  • Page 24: Hardware Specifications

    Overview Hardware Specifications 40G-4X10G-CU-A, 7M, 10M QSFP-4X10G-AC 40G-AOC, 1M, 2M, 3M, 5M, 7M, 10M, 15M QSFP-H40G-AOC Hardware Specifications The following table contains hardware specifications for the Firepower 4100. Table 11: Firepower 4100 Hardware Specifications Specification 4110 4120 4140 4150 Physical 1 RU Form factor Fits standard 19-in.
  • Page 25 Overview Hardware Specifications Specification 4110 4120 4140 4150 Power AC: 100/240 V AC 10 A (at 100 V), 50 to 60 Hz System power DC: -40 V DC to -60 V DC, 26 A (at -40 V) Power supply AC or DC module Redundant power Environment...

  • Page 26: Product Id Numbers

    0 to 13,000 ft (3962 Product ID Numbers The following table lists the PIDs associated with the Firepower 4100 series. All of the PIDs in the table are field-replaceable. See the show inventory command in the Cisco Firepower 4100/9300 FXOS Command...
  • Page 27 Overview Product ID Numbers Description FPR4120-NGFW-K9 Cisco Firepower 4120 NGFW appliance, 1 RU, two network module bays FPR4120-NGIPS-K9 Cisco Firepower 4120 NGIPS appliance, 1 RU, two network module bays FPR4140-AMP-K9 Cisco Firepower 4140 AMP appliance, 1 RU, two network module bays...
  • Page 28 Overview Product ID Numbers Description FPR4K-NM-6X10LR-F= 6-port 10-Gb LR hardware bypass network module (spare) FPR4K-NM-6X10SR-F 6-port 10-Gb SR hardware bypass network module FPR4K-NM-6X10SR-F= 6-port 10-Gb SR hardware bypass network module (spare) FPR4K-NM-6X1SX-F 6-port 1-Gb SX fiber hardware bypass network module FPR4K-NM-6X1SX-F= 6-port 1-Gb SX fiber hardware bypass network module (spare)

  • Page 29: Power Cord Specifications

    Overview Power Cord Specifications Power Cord Specifications Each power supply has a separate power cord. Standard power cords are available for connection to the security appliance. If you do not order the optional power cord with the system, you are responsible for selecting the appropriate power cord for the product.
  • Page 30 Overview Power Cord Specifications Figure 18: Brazil CAB-250V-10A-BR Plug: EL223 (NBR 14136) Cord set rating: 10 A, 250 V Connector: EL 701B (EN 60320/C13) Figure 19: Brazil PWR-CORD-G2A-BZ Plug: NBR 14136 Cord set rating: 10 A, 250 V Connector: IEC 60320-C13 Figure 20: China CAB-9K10A-CH Plug: CCC GB2099.1, GB1002 Cord set rating: 10 A, 250 V...
  • Page 31 Overview Power Cord Specifications Figure 21: Denmark CAB-TA-DN Plug: DK3 Cord set rating: 10 A, 250 V Connector: IEC 60320-C13 Figure 22: Europe CAB-AC-EUR Plug: CEE 7/7 Cord set rating: 10 A, 250 V Connector: IEC 60320-C15 Figure 23: India CAB-250V-10A-ID Plug: IS 6538-1971 Cord set rating: 10 A, 250 V Connector: IEC 60320-C13...
  • Page 32 Overview Power Cord Specifications Figure 24: Israel CAB-250V-10A-IS Plug: SI-32 Cord set rating: 10 A, 250 V Connector: IEC 60320-C13 Figure 25: Italy CAB-9K10A-IT Plug: CEI 23-16/VII Cord set rating: 10 A, 250 V Connector: IEC 60320-C15 Figure 26: Korea CAB-9K10A-KOR Plug: CEE 7/7 Cord set rating: 10 A, 250 V Connector: IEC 60320-C19...
  • Page 33 Overview Power Cord Specifications Figure 27: Japan CAB-L620P-C13-JPN Plug: NEMA L6-20P Cord set rating: 15 A, 250 V Connector: IEC 60320-C13 Figure 28: Japan CAB-TA-JP Plug: NEMA5-15P/JIS 8303 Cord set rating: 12 A, 125 V Connector: IEC 60320-C15 Figure 29: North America CAB-TA-NA Plug: NEMA5-15P Cord set rating: 12 A, 125 V Connector: IEC 60320-C15...
  • Page 34 Overview Power Cord Specifications Figure 30: Saudi Arabia ATA187PWRCORD-SAUD Plug: BS1363A/SS145 Cord set rating: 10 A, 250 V Connector: IEC 60320-C13 Figure 31: South Africa CAB-9K10A-SA Plug: SABS 164 Cord set rating: 10 A, 250 V Connector: IEC 60320-C15 Figure 32: Switzerland CAB-9K10A-SW Plug: SEV 1011 Cord set rating: 10 A, 250 V Connector: IEC 60320-C15...
  • Page 35 Overview Power Cord Specifications Figure 33: Taiwan CAB-9K10A-TWN Plug: CNS10917-2 Cord set rating: 10 A, 125 V Connector: IEC 60320-C15 Figure 34: United Kingdom CP-PWR-CORD-UK Plug: BS1363A/SS145 Cord set rating: 10 A, 250 V Connector: IEC 60320-C13 Overview...
  • Page 36 Overview Power Cord Specifications Overview...

This manual is also suitable for:

Firepower 4110Firepower 4120Firepower 4140Firepower 4150

Table of Contents