Unboxing and First Look at Forcepoint NGFW 321 C-2

In REAL Unboxings we Alen Šalamun, REAL security CTO, is presenting an entry level, desktop appliance from Forcepoint’s Next Generation Firewall series of products, namely the NGFW 321 C-2 model. 




Welcome all you IT professionals, we have another unboxing, now from company Forcepoint. I would firstly like to say that in this small box is a firewall with 4 Gbps of throughput, which is amazing, if you think about a desktop product that can be rack mountable, but is in desktop form size. So let’s see how this truly amazing small box looks like in real life. When you open the box and of course it’s of black color, I guess Star Wars is popular now so its a Darth Vader model or something, and let’s discard of the box. It’s small first of all in its desktop factor you can install an additional rackmount kit with it, and don’t be fooled by the size itself, as with many vendors this will signify products that have 50, 100, maybe 200 Mbps throughput – this small box has 4 Gbps of throughput, which is quite amazing. That is not even all that is amazing about this little box, as even on this let’s say “entry level desktop appliance”, you can do Active-Active clustering, you can do multi link, you can do Deep Packet Inspection, Application Filtering – everything that is available on Forcepoint NGFW series of products for the price of a desktop appliance.

All in all, if you look at the numbers, you will clearly see that you have 5 Gigabit Ethernet connectors without a possibility to expand them, but if you go up one step higher to NGFW 325, then you have an expansion port that you can add additional inputs. But all in all, 5 Gigabit Ethernet interfaces should do it, as you can do trunking, link aggregation, you can do VLAN tagging (which is by the way unlimited) and control all the traffic you want. On the front size we see a console port and two USB ports. Actually the USB ports from this firewall have an unique feature as the ports can be used for initial configuration. Meaning, when you do the initial installation of the firewall, you have to enter the IP addresses, the private keys, the router settings and everything on the management system and transfer everything with the USB stick. If you put the USB stick when the firewall is booting, the firewall will read the complete configuration and do everything by itself to connect to the management, so you don’t even have to use the console port at all. But if you would like to control the initial configuration, you will have to use [the series cable]. As with other vendors, included is a legacy series cable, which everyone uses. You connect that to the console port, please do not connect a network port to the console port, but connect a serial cable with 9600, 8 bits, non-parity, 1 stop bit in the terminal and you can interface directly with the device. Since this is a small firewall it just have one power supply connector, so you can not use redundant power supplies – if it dies, you have to change it. But then again, this is a really small box.

If we go through the numbers, for example, I already told you that it has a maximum firewall throughput of 4 Gbps. It also actually has 700 Mbps inspection throughput, it has 130 Mbps of TLS encrypted throughput and it has 900 Mbps of IPsec. This is how you can see just with the numbers that this truly is a much bigger box than many many other vendors have in this form. Even if you look at concurrent connections for example, you can have up to 2 million maximum concurrent connections. Can you imagine 2 million concurrent connections on such form factor? Those numbers are really really unique on the market. So if you are looking a really powerful firewall even in the smallest size, this is it. Forecepoint 321 model actually features everything that the “big” models have – there is no difference at all in the software engine that is used on this box on the biggest rackmountable appliance – every single device uses the same image, has the same features, supports the same features, even on the smallest box.

Now, if we go through additional parameters that are offered by this module, we can see, that, for example, VLAN tagging – you have no limits, so you can use 20, 200 or even 1000 VLAN tags, no problem whatsoever. Even on this small box, you can use virtual – actually, you already get three virtual with the box itself in the basic license. You can do all the obvious features that you can do on Forcepoint NGFW’s, such as Anti-malware, Web filtering, IPS, Application control. You can even do advanced stuff, such as authenticating users through the Internet with Active Directory. Everything that you heart wishes for, this appliance does really provide.

Actually, that is it for this small box, as there is not much else to say – you have to check it by yourself, you have to visit Forcepoint’s website and create your firewall and look up everything that you can about these boxes. If you have any questions whatsoever, contact us and we will try to answer them and thank you for watching.