MID-RANGE FIREWALL COMPARISON

NSa 9650

NSa 9450

NSa 9250

NSa 6650

NSa 5650

NSa 4650

NSa 3650

NSa 2650

TotalSecure Firewall Overview

Deep Packet Inspection Firewall

Stateful Packet Inspection Firewall

Unlimited File Size Protection

Protocols Scanned

Threat Prevention Services Available

Application Intelligence and Control

Intrusion Prevention Service

Gateway Anti-Virus and Anti-Spyware

Content & URL Filtering (CFS)

SSL Inspection (DPI SSL)

Content Filtering Client (CFC)¹

Optional

Analyzer Reporting¹

Optional

Capture Advance Threat Protection¹

Optional

Enforced Client Anti-Virus and Anti-Spyware¹

Optional

24x7 Support

Firewall General

Interfaces

10 x 10-GbE SFP+, 2 x 10-GbE, 8 x 2.5-GbE, 8 x 1-GbE, 1 GbE Management, 1 Console

6 x 10-GbE SFP+, 2 x 10-GbE, 4 x 2.5-GbE SFP, 8 x 2.5-GbE, 8 x 1-GbE, 1 GbE Management, 1 Console

2 x 10-GbE SFP+, 2 x 10-GbE, 4 x 2.5-GbE SFP, 4 x 2.5-GbE, 16 x 1-GbE, 1 GbE Management, 1 Console

2 x 10-GbE SFP+, 4 x 2.5-GbE SFP, 4 x 2.5-GbE, 16 x 1-GbE, 1 GbE Management, 1 Console

2 x 10-GbE SFP+, 8 x 2.5-GbE SFP, 4 x 2.5-GbE, 12 x 1-GbE, 1 GbE Management, 1 Console

4 x 2.5-GbE SFP, 4 x 2.5-GbE, 12 x 1-GbE, 1 GbE Management, 1 Console

Built-in Storage

1TB, 128 GB

64 GB

32 GB

16 GB

Management

CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs

Nodes Supported

Unrestricted

Site-to-Site VPN Tunnels

12,000

8,000

6,000

4,000

3,000

1,000

IPSec VPN Clients (Maximum)

2,000 (6,000)

2,000 (4,000)

500 (3,000)

50 (1,000)

SSL VPN NetExtender Clients (Maximum)

50 (3,000)

2 (3,000)

2 (2,000)

2 (1,500)

2 (1,000)

2 (500)

2 (350)

VLAN Interfaces

512

500

400

256

Wireless Controller

WWAN Failover (4G/LTE)

Network Switch Management

Firewall/VPN Performance

Firewall Inspection Throughput²

17.1 Gbps

12.0 Gbps

6.25 Gbps

6.0 Gbps

3.75 Gbps

3.0 Gbps

Threat Prevention throughput³

9.4 Gbps

9.0 Gbps

6.5 Gbps

5.5 Gbps

3.4 Gbps

2.5 Gbps

1.75 Gbps

1.25 Gbps

Application Inspection Throughput³

11.5 Gbps

10.8 Gbps

7.75 Gbps

6.0 Gbps

4.25 Gbps

3.0 Gbps

2.1 Gbps

1.4 Gbps

IPS Throughput³

10.3 Gbps

10.2 Gbps

7.2 Gbps

6.0 Gbps

3.4 Gbps

2.3 Gbps

1.8 Gbps

1.4 Gbps

Anti-Malware Inspection Throughput³

8.5 Gbps

8.0 Gbps

6.5 Gbps

5.4 Gbps

2.8 Gbps

2.45 Gbps

1.5 Gbps

1.3 Gbps

IMIX Throughput

4.1 Gbps

2.65 Gbps

1.45 Gbps

1.3 Gbps

900 Mbps

700 Mbps

SSL DPI Throughput³

2.25 Gbps

2.1 Gbps

1.5 Gbps

1.45 Gbps

800 Mbps

675 Mbps

320 Mbps

250 Mbps

VPN Throughput⁴

10.0 Gbps

6.75 Gbps

6.0 Gbps

3.5 Gbps

3.0 Gbps

1.5 Gbps

1.3 Gbps

Maximum SPI Connections

12,500,000

10,000,000

7,500,000

5,000,000

4,000,000

3,000,000

2,000,000

1,000,000

Maximum DPI Connections

5,000,000

4,000,000

3,000,000

2,000,000

1,500,000

1,000,000

750,000

500,000

Default/Maximum Connections (DPI SSL)⁵

550,000/320,000

450,000/290,000

250,000/170,000

175,000/125,000

175,000/145,000

100,000/40,000

100,000/60,000

New Connections/Sec

130,000

90,000

40,000

14,000

Features

Logging and Reporting

Analyzer, Local Log, Syslog

Network Traffic Visualization

Netflow/IPFIX Reporting

SNMP

Authentication

LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)

Dynamic Routing

BGP, OSPF, RIP

Secure SD-WAN

Single Sign-on (SSO)

Voice over IP (VoIP) Security

PortShield Security

Port Aggregation

Link Redundancy

Policy-based Routing

Route-based VPN

Dynamic Bandwidth Management

Stateful High Availability

Multi-WAN

Load Balancing

Object-based Management

Policy-based NAT

IKEv2 VPN

TLS/SSL/SSH Decryption and Inspection

SSL Control

Auto-provision VPN

Biometric Authentication

Active/Active Cluster

Terminal Services Authentication/Citrix Support

DNS Proxy

Hardware Failover⁶

Active/Standby with State Sync, Active/Active DPI with State Sync, Active/Active Clustering

Active/Standby with State Sync, Active/Active Clustering

Active/Standby with State Sync