300Mbps of rich media throughput means that the IPS has been tested with ips signatures etc and it could achieve deep packet inspection without performance deterioration up to 300Mbps. In real world traffic were the packets are smaller, there is packet loss and your configuration is different, that number could be less. So, if you have a network requirement of about 300Mbps or more you would probably need to use a bigger IPs like the 4255 or 4260.
The throughput performance numbers Cisco puts on their sensors are a fantasy.
In the real world we see the sensors max out at about half the Cisco rated performance threshold.
So if you're looking at a 4240 sensor that is rated for 300 Mb/s, you should expect to be able to feed it traffic up to about 150 Mb/s before seeing missed packet events in your logs.
The 150 Mb/s is the total of BOTH DIRECTIONS of transmission added together.
In general, in ALL networking data sheets the tests to produce the name numbers are based on certain circumstances. For example, for throughput performance benchmarks big packets of few UDP connectionless transactions are used.. That is not a lie, the numbers are real and they are achieved. Real world traffic is not always the same, so the actual performance could be less in a real world with packet loss, smaller packets etc scenarios. Generalizations like "The throughput performance numbers Cisco puts on their sensors are a fantasy" are too vague and misleading.
Here is a sample link http://www.miercom.com/dl.html?fid=20080509&type=report where a third party evaluated similar firewall products from different vendors for your reference. There you will see that Cisco outperformed same scale boxes, and that real world HTTP traffic is less than the market name value for all vendors because of the reason I mentioned.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :