Network Firewalls Overview
MacStadium offers a variety of Cisco® firewalls to protect the cloud environment. The portfolio includes several physical and virtual appliance choices, which exceed all security and performance requirements. Cisco Firepower and Cisco Secure Firewall ASA Virtual offerings deliver scalable VPN capability to access to MacStadium resources, as well as, protect workloads against increasingly complex threats with world-class security controls.
To provision Firewalls in the MacStadium account, please contact sales.
The following capabilities are available with Cisco firewalls:
- Access and manage the firewall as the root user (root access).
- Leverage Cisco AnyConnect for secure remote user access.
- Filter any Internet and internal traffic real-time. For example, pass traffic from selected IPs or IP ranges (like a Jenkins master) and block all other traffic.
- Connect local infrastructure to the MacStadium private cloud through secure remote network or site-to-site encrypted Virtual Private Network (VPN) tunnels.
- Connect a public cloud, such as AWS, Azure, or Google Cloud, to the MacStadium private cloud through secure remote network or site-to-site encrypted Virtual Private Network (VPN) tunnels.
- Perform packet inspection, port blocking, and breach protection.
- Configure high availability and failover.
- Limit access to approved users to ensure complete access control.
Standard Configurations
| ASAv 5 | ASAv 10 | ASAv 30 | Firepower 2130 | |
|---|---|---|---|---|
| Appliance Form Factor | Virtual | Virtual | Virtual | Physical |
| Stateful inspection throughput max | 100 Mbps | 1 Gbps | 2 Gbps | 5.4 Gbps |
| Stateful inspection throughput max (multi-protocol) | 100 Mbps | 1 Gbps | 2 Gbps | 5.4 Gbps |
| IPsec VPN throughput | 100 Mbps | 750 Mbps | 2 Gbps | 1.9 Gbps |
| Connections per second | 12,500 | 60,000 | 200,000 | 30,000 |
| Concurrent sessions | 50,000 | 100,000 | 500,000 | 2,000,000 |
| IPsec VPN peers | 50 | 250 | 750 | 7,500 |
Available Locations
Available in: Atlanta, Dublin, Las Vegas
Getting Started
Contact MacStadium Sales for more information.
Custom hardware or hybrid solutions
To host a firewall in a MacStadium data center, contact MacStadium Sales to discuss requirements, available options, and involvement from the MacStadium engineering team.
Any enabled firewall add-ons are accessed from the customer dashboard under the Add-Ons tab in the details.
Other options
Based on specific requirements, users may choose to forgo the available Cisco ASAv and ASA options and implement another solution, such as the built-in OS X firewall or a third-party software firewall.
WARNING: MacStadium does not provide assistance with the setup, management, and troubleshooting of these solutions. MacStadium is not responsible for any security risks incurred by such implementations.
Updated 10 months ago