Stonesoft 3201

The Stonesoft 3201 appliance is a versatile and modular Security Engine-powered solution designed to meet the performance and scalability requirements of data centers and large-sized network central sites. It can be used as a Layer 3 device for secure routing, NAT and IPsec VPN gateway purposes. In a Layer 2 configuration it presents itself as an IDS sensor, inline IPS or Layer 2 firewall. All this is available with a single unified software image, adaptable with just a configuration change.

In the Layer 3 role, as a routing firewall and IPsec VPN gateway solution, the 3201 appliance provides high performance with unique clustering capabilities up to 16 nodes. This provides very high IPSec VPN speeds, as well as high performance content and application inspection where needed.

In Layer 2 roles the Security Engine becomes transparent to surrounding network devices. The inline IPS and Layer 2 Firewall roles combine deployment flexibility, AET-ready network security and application control into one dedicated appliance.

Designed to cut your future costs

The Stonesoft 3201 is built on the platform of the Stonesoft Security Engine (NGN). It can transform its role as your organization grows and your needs change. A unified design, and the ability to make deployment changes remotely and automatically via license, helps to cut operating costs and eliminate unnecessary future capital investment rounds.

The Stonesoft Management Center (SMC) gives you the ability to automate workflows, easily define policies, swiftly define and deliver advanced visualizations, and provides class-leading situational awareness. Administering the Stonesoft 3201 with SMC enables security administrators to run an agile, secure and fast network that drives safe productivity for your business.

Stonesoft 3201 Specifications

Maximum performance L3 FW/VPN L2 FW / IPS / IDS
(UDP 1514 byte packets, no inspection)
20 Gbps -
(UDP 1514 byte packets, with inspection)
7 Gbps 7 Gbps
64 byte packets per second
(no inspection)
10 million -
HTTP inspection (21 kB payload) 3 Gbps 3 Gbps
SSL inspection throughput 1 Gbps 1 Gbps
New TCP connections/sec
(no inspection)
200 000 -
New inspected HTTP connections/sec (21 kB payload) 13 000 13 000
Concurrent connections 20 million -
Inspected concurrent connections 5 million 5 million
VLANs Unlimited Unlimited
VPN throughput (AES-128-GCM) 10 Gbps n/a
VPN tunnels 40 000 n/a
Concurrent mVPN Clients Unlimited n/a
Licensed Performance Firewall/VPN 3201 appliance Firewall/VPN 3201-P appliance
(UDP 1514 byte packets, no inspection)
10 Gbps 20 Gbps
VPN throughput (AES-128-GCM) 5 Gbps 10 Gbps  
Network interfaces  
Fixed 2 x 10/100/1000 Mbps copper
Module slots 3 (Available modules listed at the product codes section)
Connectors 4 x USB, 1 x serial, VGA, IPMI Ethernet 
Form factor 2U 19” rack unit
Dimensions (W x H x D) 437 x 89 x 450 mm / 17.2" x 3.5" x 17.7"
Net weight 15 kg / 33 lbs
Safety/EMC certifications CE, FCC, CB, Gost-R, RoHS 
Power supply 1+1 Redundant 700W + 700W, AC Input 100-240 VAC, 50-60 Hz
Typical power consumption 240 W  
Operating temperature/humidity +10—+35°C (+50—+95°F) 8%—90%, non condensing humidity (RH)
Storage temperature/humidity -40—+70°C (-40—+158°F) 5%—95%, non condensing humidity (RH)
MTBF 120 000 hours
Rack mounting Rack kit APP-RACK3-3200 for 68 cm – 92 cm deep rack included by default  
Replacement service 15 months or 39 months replacement service for non-complying hardware
Premium support 24/7-call logging via web, email and phone, two-hour response time, software updates, hardware replacement service
Basic support 8/5-call logging via web, email and phone, next business day response time, software updates, hardware replacement service  
Product codes **  
APP-FW-3201-C1 Stonesoft Firewall/VPN 3201 appliance
APP-FW-3201-C1-P Stonesoft Firewall/VPN 3201P appliance
APP-IPS-3201-C1 Stonesoft IPS/IDS 3201 appliance
APP-NGN-3201-C1 Stonesoft 3201 Security Engine  
Feature pack codes  
FP-1Y-AS-1 One year Antispam subscription for NGN-3201, FW-3201, FW-3201P appliance
FP-1Y-AV-12 One year Antivirus subscription for NGN-3201, FW-3201, FW-3201P appliance
FP-1Y-WF2-172 One year Web filtering subscription for FW-3201 appliance
FP-1Y-WF2-171 One year Web filtering subscription for NGN-3201, FW-3201P appliance
FP-1Y-UTM-16 One year UTM subscription bundle (AV, AS, WF) for FW-3201 appliance
FP-1Y-UTM-6 One year UTM subscription bundle (AV, AS, WF) for NGN-3201, FW-3201P appliance
FP-FW-FDPI-5 Full deep inspection for FW-3201, FW-3201P  
Interface modules  
MOD-EM1-GE-6  Six Port Gigabit Ethernet Copper Module
MOD-EM1-GE-8  Eight Port Gigabit Ethernet Copper Module
MOD-EM1-GE-SFP-4  Quad Port SFP Gigabit Ethernet Module
MOD-EM1-10G-SFP-2  Dual Port SFP+ 10GB Module
MOD-EM1-GE-4-B Quad Port Gigabit Ethernet Copper Bypass Module
MOD-EM1-GE-SX-4-B Quad Port Gigabit Ethernet Fiber (SX) Bypass Module
MOD-EM1-10G-SR-2-B Dual Port Fiber (SR) 10GB Bypass Module
MOD-EM1-10G-LR-2-B Dual Port Fiber (LR) 10GB Bypass Module  
Add-on product codes  
APP-RACK2-3200 Rack mounting kit for 50 cm – 68 cm deep rack
SP-PSU-DC-3200 DC  power supply for 3200 series appliance

* Supported encryption algorithms depend on used license. ** -R license codes are without strong encryption (DES only) 

Free Consultation

Due to our numerous partnerships, we can provide unbiased opinions on the best solution for your environment.

Unbeatable Prices

Our partnership levels give us the highest product discounts which we pass on as savings to our customers.

Professional Services

Finish your IT projects on-time and under budget with our nation-wide team of senior level engineers.

24x7 Tech Support

Rest assured knowing that our U.S. based IT support team is here for you on nights, weekends and when you need us most.