Cisco FirePower 9300

Cisco FP9300 is a chassis based enterprise grade firewall that provides high availability, scalability and throughput over 100+ Gbps depending on the hardware configuration.

A FP9300 chassis can have the following hardware components:

  • Chassis
  • Supervisor Module (SUP, Max 1 per chassis)
  • Security Module (SM, Max 3 per chassis)
  • Network Module (NM, Max 2 per chassis)

FP9300 Chassis

A Supervisor Module has the following ports:

  • RJ45
  • 1G Management Port.
  • 8*10G Built-in Ports

Network Modules (NM) can have the following port configuration:

  • 4*40G
  • 8*10G
  • 2*100G

Sup_NM_FP9300

Supervisor Module:

SUP attaches the SM to the Network.

SUP_HW_Diagram_FP9300

Security Module:

Security Modules (SM) comes in 2 main flavors:

  1. SM-36: 2 CPU, each with 36 cores for a total of 72 cores, 80Gbps
  2. SM-24: 2 CPU, each with 24 cores for a total of 48 cores, 60Gbps

Dual 800GB SSD in Raid-1 by default. SM modules have built-in Smart NIC & Crypto Accelerator.

SM_HW_Diagram_FP9300

Software:

Supervisor Module runs the FXOS software. An agent of the FXOS software will run on each of the Security Modules in order to enable the Supervisor to monitor and manage the SM.

Software_FP9300

Reference:

BRKSEC-3010 – Firepower 9300 Deep Dive (2016 Berlin)

Speaker(s)  Andrew Ossipov – Principal Engineer, Cisco