Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Cisco Firepower NGFW Virtual (NGFWv) Appliance Data Sheet

Data Sheet

Available Languages

Download Options

  • PDF
    (345.8 KB)
    View with Adobe Reader on a variety of devices
Updated:June 24, 2020

Available Languages

Download Options

  • PDF
    (345.8 KB)
    View with Adobe Reader on a variety of devices
Updated:June 24, 2020


Today, businesses rely on a mixture of physical and virtual solutions to meet their network security needs. They need the flexibility to deploy different physical and virtual firewalls across a wide range of environments while still maintaining consistent policy throughout branch offices, corporate datacenters, and all entry points between. From data center consolidation to office relocations, mergers and acquisitions, or seasonal peaks in demand on your applications, Cisco’s virtual firewall portfolio helps businesses simplify security management with the convenience of unified policy and the flexibility to deploy everywhere.

Cisco® Next-Generation Firewall Virtual (NGFWv) appliance combines Cisco’s proven network firewall with advanced next-gen IPS, URL filtering, and malware detection. Identify and eliminate threats automatically, freeing up security and network operations teams. NGFWv also simplifies protecting virtualized environments by enabling consistent security policies to follow your workloads across physical, private, and public cloud environments. Get deep visibility into your network to quickly detect threat origin and activity, then stop attacks before they impact your business. Cisco virtual firewall offerings mitigate any significant shift in demand on your IT department so you can protect your workloads against increasingly complex threats with world-class security controls.

Product overview

Product overview -  A close up of a logoDescription automatically generated

NGFWv is the virtualized option of our popular NGFW solution and offers security in traditional physical data centers and private and public clouds. Prioritize threats with automated risk rankings and impact flags to focus your resources on events requiring immediate action. License portability provides the flexibility to move from your on-premises private cloud to a public cloud while maintaining consistent policy and unified management across all of your appliances. Cisco Smart Software Licensing makes it easy to deploy, manage, and track virtual instances of the appliance running on your premises.


Get the same power of the NGFW for your public and private clouds with these benefits:

Automated risk ranking and impact flags

Prioritize threats by gaining full visibility over your environment. Reduce the noise and volume of events to hone in on the high-impact items requiring immediate administrator action. Set rule recommendations that correlate host profiles with a level of vulnerability to automate impact analysis and contextualize the data, leveraging the best-of-breed Snort open-source intrusion prevention system (IPS).

License portability across clouds

Deploy appliances everywhere, from your super data center to your branch office, with the portability of one license to support virtual solutions across public or private clouds (VMware, KVM, AWS, Azure, government clouds). Expand, contract, or relocate workloads over time and span private and public cloud infrastructures with one license.

Unified management and automated threat correlation

Stop more threats by containing known and unknown malware with leading Advanced Malware Protection (AMP) and URL filtering. Reduce the complexity of managing multiple security products through a unified management of integrated tools.

Features and specifications

Table 1.           Features and specifications for NGFWv



Cisco Firepower Device Manager (local management)

ESXi and KVM; Azure: Version 6.5 and above; AWS: 6.6 and above

Centralized management

Centralized configuration, logging, monitoring, and reporting are performed by the Cisco Firepower Management Center (all platforms including on-premises and in AWS and Azure) or alternatively in the cloud with Cisco Defense Orchestrator (ESXi and KVM; Azure: Version 6.5 and above)

Application Visibility and Control (AVC)

Standard, supporting more than 4000 applications, as well as geolocations, users, and websites

AVC: OpenAppID support for custom, open-source, application detectors


Cisco Security Intelligence

Standard, with IP, URL, and DNS threat intelligence

Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS)

Available; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence

Cisco Advanced Malware Protection (AMP) for Networks

Available; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco AMP for Endpoints is also optionally available.

Cisco AMP Threat Grid sandboxing


URL filtering: number of categories

More than 80

URL filtering: number of URLs categorized

More than 280 million

Automated threat feed and IPS signature updates

Yes: Class-leading Collective Security Intelligence (CSI) from the Cisco Talos® group (https://www.cisco.com/c/en/us/products/security/talos.html)

Third-party and open-source ecosystem

Open API for integrations with third-party products; Snort® and OpenAppID community resources for new and specific threats

High availability and clustering

Active/standby (ESXi and KVM only)

Deployment modes

Routed, transparent (inline set — IPS-only), and passive; AWS and Azure: routed mode only

Note:       Performance will vary depending on features activated, network traffic protocol mix, and packet size characteristics. Performance is subject to change with new software releases. Consult your Cisco representative for detailed sizing guidance.

Product performance guidelines

Note:       Your performance may vary from the below. These should be considered general guidelines. Your actual performance will depend on your test environment, including CPU type, CPU speed, cache, number of interfaces, etc.

Table 2.           Performance specifications for NGFWv


4 vCPU

8 vCPU

12 vCPU

Throughput: FW + AVC (1024B)

3 Gbps

5.5 Gbps

10 Gbps

Throughput: FW + AVC + IPS (1024B)

3 Gbps

5.5 Gbps

10 Gbps

Throughput: FW + AVC (450B)

1.5 Gbps

3 Gbps

5 Gbps

Throughput: FW + AVC + IPS (450B)

1 Gbps

2 Gbps

3 Gbps

Maximum concurrent sessions




Maximum new connections per second




Maximum VPN peers




System requirements

Table 3.           System requirements for NGFWv



VMware and KVM: Virtual CPUs and memory (6.4 and above)

  4 vCPU/8GB
  8 vCPU/16GB
  12 vCPU/24GB

VMware and KVM: Virtual CPUs and memory (6.3 and earlier)

4 vCPU/8GB


50GB for all FTDv configurations

Hypervisor support

ESXi 6.0, 6.5, 6.7; KVM

AWS Support

  Instances: c3.xlarge, c4.xlarge
  Instances: c5.xlarge, c5.2xlarge, & c5.4xlarge (6.6 and above)
  Gov Marketplace
  China Marketplace
  Enhanced Networking

Azure Support

  Instances: D3, D3_V2,
  Instances: D4_v2 and D5_v2 (6.5 and above)
  Gov Marketplace
  China Marketplace

Ordering information

Table 4.           Ordering information for NGFWv

Part number



Cisco Firepower Threat Defense (TD) Virtual Appliance


Cisco Firepower TD Virtual Threat Protection


Cisco Firepower TD Virtual Threat and Malware Protection


Cisco Firepower TD Virtual Threat Protection and URL


Cisco Firepower TD Virtual Threat, Malware, and URL Filtering


Cisco Firepower TD Virtual Malware Protect


Cisco Firepower Threat Defense Virtual URL Filtering

Cisco environmental sustainability

Information about Cisco’s environmental sustainability policies and initiatives for our products, solutions, operations, and extended operations or supply chain is provided in the “Environment Sustainability” section of Cisco’s Corporate Social Responsibility (CSR) Report.

Reference links to information about key environmental sustainability topics (mentioned in the “Environment Sustainability” section of the CSR Report) are provided in the following table:

Sustainability topic


Information on product material content laws and regulations


Information on electronic waste laws and regulations, including products, batteries, and packaging

WEEE compliance

Cisco makes the packaging data available for informational purposes only. It may not reflect the most current legal developments, and Cisco does not represent, warrant, or guarantee that it is complete, accurate, or up to date. This information is subject to change without notice.

Cisco Capital

Flexible payment solutions to help you achieve your objectives

Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.

The Cisco Security Advantage

At Cisco, we’re building a security platform that delivers world-class security controls everywhere you need them, with consistent visibility, policy harmonization, and stronger user and device authentication. We’re bringing networking leadership and cutting-edge security technology together so that the entire network can act as an extension of the firewall, leading to the most secure architecture ever. The latest generation of Cisco Firepower NGFWs has the power and flexibility that you need to stay one step ahead of threats. With Cisco NGFW, you’re investing in a foundation for security that is both agile and integrated—leading to the strongest security posture available today and tomorrow.

Learn more