What is the Cisco Firepower 7.0 FTDv Performance Tier Licensing?

Cisco just added tad more confusion when you adding devices into the FMC, however, this is a good feature to have.

Be sure and join my new Firepower/FTD 7.0 Live Online hands-online class June 28th week! Only $2277 with your discount

When you bring in a new FTD device into the Cisco’s new 7.0 code FMC, you’ll receive an option asking you to configure a Performance Tier, as shown here:

This allows you to set the amount of cores and ram used by the device, but understand that the default performance tier is FTDv50 when deploying a new FTDv device. The good news about this is that if you are running any type of Virtual Cisco Firepower machine for VM, Azure or AWS, the Cisco’s Firepower FTDv Performance Tier Licensing increases the number of supported instance types available. When in doubt, just use the Variable option, which will set it at the lowest tier of 4 core/8 GB and then go up from there automatically as needed.

Here are the specs for all the Tiers listed. If you choose FTDv50 or 100, which sounds great, you may get licensing errors depending on what you paid for as this is based on entitlement, and these tiers are enforced via a rate limiter. Notice the rate and RA VPN limits as listed here:

What you can use is determined by your base license, which is subscription-based and mapped to performance tiers. Your virtual account needs to have the Base license entitlements for the FTDv devices, as well as for Threat, Malware, and URL Filtering licenses. Yup, licensing just got a tad more challenging (again!).

2 Comments

  1. Hi Todd
    I am a bit confused on Tiered and non-tiered licensing,
    how come the non-tiered (FPRTD-V-K9) is much cheaper that tiered for high performance FTDv100,
    Are non-tiered only for public cloud deployment or can be provisioned on ESXi/KVM as well?

    1. Hi Reza, thank you for writing.
      Those are good questions, and Cisco isn’t real forthcoming with this new feature, other than saying it was an old ASA feature that they added in 7.0 code now. I do know it’s only for virtual including Azure and AWS to provide a tiered licensing approach, but I dont’ have any customers that use it at the moment so I am not much help Im afraid
      Todd

Comments are closed.