MID-RANGE FIREWALL COMPARISON

	NSa 9650	NSa 9450	NSa 9250	NSa 6650	NSa 5650	NSa 4650	NSa 3650	NSa 2650
TotalSecure Firewall Overview
Deep Packet Inspection Firewall
Stateful Packet Inspection Firewall
Unlimited File Size Protection
Protocols Scanned
Threat Prevention Services Available
Application Intelligence and Control
Intrusion Prevention Service
Gateway Anti-Virus and Anti-Spyware
Content & URL Filtering (CFS)
SSL Inspection (DPI SSL)
Content Filtering Client (CFC)¹	Optional	Optional	Optional	Optional	Optional	Optional	Optional	Optional
Analyzer Reporting¹	Optional	Optional	Optional	Optional	Optional	Optional	Optional	Optional
Capture Advance Threat Protection¹	Optional	Optional	Optional	Optional	Optional	Optional	Optional	Optional
Enforced Client Anti-Virus and Anti-Spyware¹	Optional	Optional	Optional	Optional	Optional	Optional	Optional	Optional
24x7 Support
Firewall General
Interfaces	10 x 10-GbE SFP+, 2 x 10-GbE, 8 x 2.5-GbE, 8 x 1-GbE, 1 GbE Management, 1 Console	10 x 10-GbE SFP+, 2 x 10-GbE, 8 x 2.5-GbE, 8 x 1-GbE, 1 GbE Management, 1 Console	10 x 10-GbE SFP+, 2 x 10-GbE, 8 x 2.5-GbE, 8 x 1-GbE, 1 GbE Management, 1 Console	6 x 10-GbE SFP+, 2 x 10-GbE, 4 x 2.5-GbE SFP, 8 x 2.5-GbE, 8 x 1-GbE, 1 GbE Management, 1 Console	2 x 10-GbE SFP+, 2 x 10-GbE, 4 x 2.5-GbE SFP, 4 x 2.5-GbE, 16 x 1-GbE, 1 GbE Management, 1 Console	2 x 10-GbE SFP+, 4 x 2.5-GbE SFP, 4 x 2.5-GbE, 16 x 1-GbE, 1 GbE Management, 1 Console	2 x 10-GbE SFP+, 8 x 2.5-GbE SFP, 4 x 2.5-GbE, 12 x 1-GbE, 1 GbE Management, 1 Console	4 x 2.5-GbE SFP, 4 x 2.5-GbE, 12 x 1-GbE, 1 GbE Management, 1 Console
Built-in Storage	1TB, 128 GB	1TB, 128 GB	1TB, 128 GB	64 GB	64 GB	32 GB	32 GB	16 GB
Management	CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs	CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs	CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs	CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs	CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs	CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs	CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs	CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs
Nodes Supported	Unrestricted	Unrestricted	Unrestricted	Unrestricted	Unrestricted	Unrestricted	Unrestricted	Unrestricted
Site-to-Site VPN Tunnels	12,000	12,000	12,000	8,000	6,000	4,000	3,000	1,000
IPSec VPN Clients (Maximum)	2,000 (6,000)	2,000 (6,000)	2,000 (6,000)	2,000 (6,000)	2,000 (6,000)	2,000 (4,000)	500 (3,000)	50 (1,000)
SSL VPN NetExtender Clients (Maximum)	50 (3,000)	2 (3,000)	2 (3,000)	2 (2,000)	2 (1,500)	2 (1,000)	2 (500)	2 (350)
VLAN Interfaces	512	512	512	512	500	400	256	256
Wireless Controller
WWAN Failover (4G/LTE)
Network Switch Management
Firewall/VPN Performance
Firewall Inspection Throughput²	17.1 Gbps	17.1 Gbps	12.0 Gbps	12.0 Gbps	6.25 Gbps	6.0 Gbps	3.75 Gbps	3.0 Gbps
Threat Prevention throughput³	9.4 Gbps	9.0 Gbps	6.5 Gbps	5.5 Gbps	3.4 Gbps	2.5 Gbps	1.75 Gbps	1.25 Gbps
Application Inspection Throughput³	11.5 Gbps	10.8 Gbps	7.75 Gbps	6.0 Gbps	4.25 Gbps	3.0 Gbps	2.1 Gbps	1.4 Gbps
IPS Throughput³	10.3 Gbps	10.2 Gbps	7.2 Gbps	6.0 Gbps	3.4 Gbps	2.3 Gbps	1.8 Gbps	1.4 Gbps
Anti-Malware Inspection Throughput³	8.5 Gbps	8.0 Gbps	6.5 Gbps	5.4 Gbps	2.8 Gbps	2.45 Gbps	1.5 Gbps	1.3 Gbps
IMIX Throughput	4.1 Gbps	4.1 Gbps	2.65 Gbps	2.65 Gbps	1.45 Gbps	1.3 Gbps	900 Mbps	700 Mbps
SSL DPI Throughput³	2.25 Gbps	2.1 Gbps	1.5 Gbps	1.45 Gbps	800 Mbps	675 Mbps	320 Mbps	250 Mbps
VPN Throughput⁴	10.0 Gbps	10.0 Gbps	6.75 Gbps	6.0 Gbps	3.5 Gbps	3.0 Gbps	1.5 Gbps	1.3 Gbps
Maximum SPI Connections	12,500,000	10,000,000	7,500,000	5,000,000	4,000,000	3,000,000	2,000,000	1,000,000
Maximum DPI Connections	5,000,000	4,000,000	3,000,000	2,000,000	1,500,000	1,000,000	750,000	500,000
Default/Maximum Connections (DPI SSL)⁵	550,000/320,000	450,000/290,000	250,000/170,000	250,000/170,000	175,000/125,000	175,000/145,000	100,000/40,000	100,000/60,000
New Connections/Sec	130,000	130,000	90,000	90,000	40,000	40,000	14,000	14,000
Features
Logging and Reporting	Analyzer, Local Log, Syslog	Analyzer, Local Log, Syslog	Analyzer, Local Log, Syslog	Analyzer, Local Log, Syslog	Analyzer, Local Log, Syslog	Analyzer, Local Log, Syslog	Analyzer, Local Log, Syslog	Analyzer, Local Log, Syslog
Network Traffic Visualization
Netflow/IPFIX Reporting
SNMP
Authentication	LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)	LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)	LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)	LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)	LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)	LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)	LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)	LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)
Dynamic Routing	BGP, OSPF, RIP	BGP, OSPF, RIP	BGP, OSPF, RIP	BGP, OSPF, RIP	BGP, OSPF, RIP	BGP, OSPF, RIP	BGP, OSPF, RIP	BGP, OSPF, RIP
Secure SD-WAN
Single Sign-on (SSO)
Voice over IP (VoIP) Security
PortShield Security
Port Aggregation
Link Redundancy
Policy-based Routing
Route-based VPN
Dynamic Bandwidth Management
Stateful High Availability
Multi-WAN
Load Balancing
Object-based Management
Policy-based NAT
IKEv2 VPN
TLS/SSL/SSH Decryption and Inspection
SSL Control
Auto-provision VPN
Biometric Authentication
Active/Active Cluster
Terminal Services Authentication/Citrix Support
DNS Proxy
Hardware Failover⁶	Active/Standby with State Sync, Active/Active DPI with State Sync, Active/Active Clustering	Active/Standby with State Sync, Active/Active DPI with State Sync, Active/Active Clustering	Active/Standby with State Sync, Active/Active DPI with State Sync, Active/Active Clustering	Active/Standby with State Sync, Active/Active DPI with State Sync, Active/Active Clustering	Active/Standby with State Sync, Active/Active DPI with State Sync, Active/Active Clustering	Active/Standby with State Sync, Active/Active Clustering	Active/Standby with State Sync, Active/Active Clustering	Active/Standby with State Sync

1. Services must be purchased separately.
2. Testing Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions and activated services.
3. Full DPI/Gateway AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs. Threat Prevention throughput measured with Gateway AV, Anti-Spyware, IPS and Application Control enabled.
4. VPN throughput measured using UDP traffic at 1280 byte packet size adhering to RFC 2544.
5. For every 125,000 DPI connections reduced, the number of available DPI SSL connections increases by 3,000 except for NSa 9250 and above.
6. Active/Active Clustering and Active/Active DPI with State Sync require the purchase of Expanded License.

Subscribe to newsletter

Stay In Touch

Email Address*

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
Hidden
Country
Hidden
Company

Hidden
States
Hidden
Dnb- ZIP

Hidden
Dnb- Phone
Hidden
elqCampaignId

Hidden
elqTrackId

Hidden
utm_campaign

Hidden
utm_medium

Hidden
utm_source

Hidden
utm_term

Hidden
utm_content

Hidden
gclid

Hidden
sfdc_campaign_id

Hidden
DnB - Address

Hidden
DnB - First Name

Hidden
DnB - Last Name

Hidden
DnB - Duns

Hidden
DnB - Global Ult (HQ) DUNS

Hidden
DnB - Global Ult (HQ) Company

Hidden
DnB - Employee Count

Hidden
DnB - Trade Name

Hidden
DnB - Currency

Hidden
DnB - Vanity Title

Hidden
DnB - Country

Hidden
DnB - State

Hidden
DnB - Zip

Hidden
DnB - City

Hidden
DnB - Global Employee Count

Hidden
DnB - SIC Code

Hidden
DnB - SIC Description

Hidden
DnB - NAICS Code

Hidden
DnB - NAICS Description

Hidden
DnB - Revenue

Hidden
DnB - Domain

Hidden
DnB - Business Phone

Hidden
DnB - Company

Hidden
DnB - DataSource

Hidden
DnB - DMACode

Hidden
DnB - EmployeeRange

Hidden
DnB - Fortune1000

Hidden
DnB - Fortune200

Hidden
DnB - Industry

Hidden
DnB - Postal Code

Hidden
DnB - PrimarySIC

Hidden
DnB - SubIndustry

Hidden
DnB - PrimaryNAICS

Hidden
DnB - StockTicker

Hidden
DnB - Revenue Range

Hidden
DnB - State or Province

Hidden
DnB - Website

Name
This field is for validation purposes and should be left unchanged.

MID-RANGE FIREWALL COMPARISON

Follow Us

Subscribe to newsletter

Stay In Touch