NETASQ NG1000-A and NG5000-A

NETASQ application firewalls redefine the concept of perimeter security. Its application traffic inspection engine at the heart of the architecture offers superior analysis without noticeable impact on latency.

NETASQ gateways for enterprise business continuity

  • Security without compromise
  • Exceptional performance
  • Service continuity
  • Scalability

NG1000-A and NG5000-A are designed to meet the needs of large organizations. Both the NG1000-A and the NG5000-A have been designed to protect high traffic e-commerce servers and dynamic university networks or as an IPS probe. They are equally suitable for secure high-speed Internet access and for protect critical data centers.

NETASQ’s powerful administrative tools give you a single overview of the company’s entire security policy, even when it covers many different sites. You can easily set up and monitor all your user access and application flow points and VPN interconnects.

Service Continuity

Every enterprise needs a quality security solution. However, the impact of any incident is amplified when a Group Head Office, a data center or a server processing orders is affected.

The impact of any incident is amplified when Group Head Office, Data center or a server processing orders is affected.

99.99% service continuity may sound impressive, but for the IT administrator that still means 1 hour of downtime per year. The NG1000-A and NG5000-A Firewalls offer multiple redundancy features to ensure continuous network availability:

  • Dual PSU
  • The security of RAID
  • Partition system safeguard
  • High Availability

Exceptional performance

Both the NG1000-A and the NG5000-A are based on the most up-to-date architecture with NETASQ’s IPS engine embedded in the operating system. They include support for throughputs of up to 17.5 Gigabits per second and real-time processing ensures minimal latency to support high quality VoIP communications.


Budget is an issue for every organization. The modular design of the NG1000-A and NG5000-A enables administrators to remain flexible and to respond quickly to changes in their network requirements.

Targeted protections

Targeted attacks are a permanent threat, particularly to growing companies and high profile sites. For over 10 years, NETASQ’s patented IPS technology has delivered exceptional levels of protection against Zero-Day threats for the most demanding major organizations.

Level EAL4+ International Common Criteria V3.1 Certification guarantees that NETASQ products meet the most rigorous specifications. Automatic updates for all protections ensure complete protection against current and future threats.

Firewall + IPS 10.8 Gb/s 17.5 Gb/s
IPSec VPN (AES Mbps) 25 concurrent tunnels, total throughput 1,5 Gb/s 3 Gb/s
Concurrent connections 1,200,000 3,000,000
New connections per second 75,000 100,000
Unlimited user license
10/100/1000 interfaces 8/14 16/22
Number of optional modules 1 1
Optional interfaces (copper or fiber) 4 or 6×10/100/1000 – 2x or 4x Giga Fiber – 2x10Gb Fiber
ASQ protection engine
Application detection and monitoring
Inspection of application traffic
Web 2.0 advanced protection
SSL inspection
Application inventory & vulnerability assessment (NVM) Optional Optional
Built-in Antivirus – Antispam
URL filtering (16 categories)
Kaspersky Antivirus Optional Optional
NETASQ Extended Web
Control (65 catégories)
Optional Optional
USERS NG1000-A NG5000-A
Integration with Active Directory
Internal or external directory (LDAP)
Transparent authentication
Multi-level PKI and certificate authority
Active / passive
Synchronization of sessions / users
Hardware failure detection < 1 second < 1 second
Redundant system partition
IPSec VPN tunnels (Max) 5,000 10,000
Concurrent SSL VPN connections 1,024 2 ,048
No. of VLANs (Max) 512 1,024
Local log storage 70 GB 70 GB
WAN link redundancy (max) 12 12
Simultaneous PPTP clients (max) 192 192
Transparent, routed, hybrid modes
Policy-based routing (PBR)
Dynamic routing
Bandwidth guarantee/limitation
IPSec VPN NG1000-A NG5000-A
Hardware acceleration
3DES, AES, Blowfish / MD5, SHA1, SHA2
IPSec NAT Traversal – Dead Peer Detection
MTBF in years (hours) More than 6 years (> 54 000)
Racking 1U – 19″ 2U – 19″
Height x Width x Depth (mm) 44.45 x 431 x 660 89 x 431 x 660
Weight 12 kg (26.5 lbs) 17 kg (37.5 lbs)
Packaged Height x Width x Depth (mm) 250 x 550 x 780
Packaged weight 18.5 kg (40.8 lbs) 24.5 kg (54.1 lbs)
Power supply (AC) 2 x110-240V 230W 1.35A 2 x110-240V 230W 1.75A
Thermal dissipation (maximum, BTU per hour) 785 1,025
Noise level N/A N/A
Ethernet energy saving mode (802.3az) - -
Operational temperature 10° to 35°C (50° to 95°F)
Storage temperature -20° to 65°C (-4° to 149°F)
Relative humidity, operating (without condensation) 20% to 80%
CE, EN60950, RoHS, EAL4+
Non-contractual document. The features mentioned are those in version 9.1. * Performance is measured in a laboratory and under conditions ideal for version 9.1. Results may vary according to test conditions and the software version.