Cisco Secure Firewall Threat Defense Virtual (formerly NGFWv)
Firewall software
Intrusion detection and prevention systems (IDPS)
Network security software
- Features
- Ease of use
- Ease of management
- Quality of support
- Affordability
- Market presence
Take the quiz to check if Cisco Secure Firewall Threat Defense Virtual (formerly NGFWv) and its alternatives fit your requirements.
Contact the product provider
Free Trial
Free version unavailable
Small
Medium
Large
- Energy and utilities
- Healthcare and life sciences
- Information technology and software
What is Cisco Secure Firewall Threat Defense Virtual (formerly NGFWv)
Cisco Secure Firewall Threat Defense Virtual is a virtualized next-generation firewall and intrusion prevention software image based on Cisco Secure Firewall Threat Defense (FTD). It is used to enforce network segmentation, application and URL controls, and threat prevention in virtualized data centers and public cloud environments. Typical users include network security teams that need consistent firewall policy across physical and virtual deployments and centralized management through Cisco Secure Firewall Management Center (FMC).
Unified NGFW and IPS
The product combines stateful firewalling with intrusion prevention capabilities in a single virtual appliance. This supports common enterprise use cases such as east-west segmentation, north-south perimeter controls, and policy enforcement for application traffic. It aligns with organizations that want one policy model for firewall and IDPS functions rather than separate tools.
Centralized policy management
It supports centralized configuration, policy deployment, and event visibility when managed through Cisco Secure Firewall Management Center. This helps standardize rule sets across multiple virtual instances and environments. Central management can reduce operational drift compared with managing each virtual firewall independently.
Virtual deployment flexibility
As a virtual form factor, it can be deployed in hypervisor-based environments and cloud-oriented architectures where hardware appliances are not suitable. This enables consistent security controls for workloads that move between on-prem virtualization and cloud. It is designed for teams that need firewall controls close to applications and virtual networks.
Operational complexity and learning curve
FTD policy concepts, feature configuration, and troubleshooting workflows can be complex for teams without prior Cisco firewall experience. Day-to-day operations often require familiarity with both the management platform and the data-plane behavior. This can increase time-to-deploy and the effort needed to maintain consistent policies.
Performance depends on sizing
Throughput and inspection capacity depend heavily on allocated vCPU, memory, and the enabled inspection features. In resource-constrained virtual environments, enabling multiple security services can reduce performance and increase latency. Careful capacity planning is typically required to meet expected traffic loads.
Feature parity varies by environment
Capabilities and supported integrations can vary depending on the virtualization platform, cloud environment, and software version. Some advanced networking or cloud-specific constructs may require additional design work to align routing, high availability, and traffic steering with the firewall. This can complicate deployments compared with simpler virtual firewall offerings.
Plan & Pricing
| Plan / License SKU (example) | Price | Key features & notes |
|---|---|---|
| FTDv5 (FTD-V-5S-BSE-K9 / FTD-V-5S-TMC) | Not published on Cisco.com — contact Cisco or authorized reseller | Performance-tiered Base subscription (up to 100 Mbps). Term subscriptions available: 1, 3, 5 years. Optional Threat/Malware/URL Filtering subscriptions available as separate SKUs. BYOL supported. cite |
| FTDv10 (FTD-V-10S-BSE-K9 / FTD-V-10S-TMC) | Not published on Cisco.com — contact Cisco or authorized reseller | Performance-tiered Base subscription (up to 1 Gbps). Term subscriptions available: 1, 3, 5 years. Optional Threat/Malware/URL Filtering subscriptions available. cite |
| FTDv20 (FTD-V-20S-BSE-K9 / FTD-V-20S-TMC) | Not published on Cisco.com — contact Cisco or authorized reseller | Performance-tiered Base subscription (up to 3 Gbps). Term subscriptions available: 1, 3, 5 years. Optional Threat/Malware/URL Filtering subscriptions available. cite |
| FTDv30 (FTD-V-30S-BSE-K9 / FTD-V-30S-TMC) | Not published on Cisco.com — contact Cisco or authorized reseller | Performance-tiered Base subscription (up to 5 Gbps). Term subscriptions available: 1, 3, 5 years. Optional Threat/Malware/URL Filtering subscriptions available. cite |
| FTDv50 (FTD-V-50S-BSE-K9 / FTD-V-50S-TMC) | Not published on Cisco.com — contact Cisco or authorized reseller | Performance-tiered Base subscription (up to 10 Gbps). Default performance tier is FTDv50 for new deployments. Term subscriptions available: 1, 3, 5 years. Optional Threat/Malware/URL Filtering subscriptions available. cite |
| FTDv100 (FTD-V-100S-BSE-K9 / FTD-V-100S-TMC) | Not published on Cisco.com — contact Cisco or authorized reseller | Performance-tiered Base subscription (up to 16 Gbps). Term subscriptions available: 1, 3, 5 years. Optional Threat/Malware/URL Filtering subscriptions available. cite |
Additional notes:
- Licensing models: Subscription term licenses (1, 3, 5 years) for Base and optional Threat/Malware/URL Filtering. Cisco documents SKUs but does not publish dollar prices on the public Cisco product/ordering pages; purchasers are directed to contact Cisco or authorized resellers for pricing and to order the SKUs. cite
- Pay-as-you-go: Hourly (pay-as-you-go) billing is available through the AWS interface (per Cisco ordering guide). For GCP and OCI, only BYOL is supported. cite
- Evaluation / free trial: Evaluation mode is available for initial deployment/management center (90-day evaluation mode for Firewall Management Center and evaluation versions of optional licenses can be enabled while in evaluation mode). cite
Seller details
Cisco Systems, Inc.
San Jose, California, USA
1984
Public
https://www.cisco.com/
https://x.com/Cisco
https://www.linkedin.com/company/cisco/
