Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2129
Views
5
Helpful
9
Replies

ASA 5525-X Multiple Context Web Security Essentials Licensing

justin.b.pruitt
Level 1
Level 1

‎11-27-2013 10:39 AM - edited ‎03-11-2019 08:10 PM

Hello,

I am purchasing a 5525-X IPS Edition model firewall with 5 security context licenses.  I have a question about licensing.  When activating a feature license, such as Web Security Essentials, do you actiavte it under the firewall context or under the admin context.  The reason I am asking is that I am trying to figure out how may Web Security Essentials licesnes to buy.  Do we buy 1 for the device, or 1 for each context?

Thanks in advance,

Justin

Labels:
0 Helpful
9 Replies 9

Collin Clark
VIP Alumni
VIP Alumni

‎11-27-2013 11:51 AM

You would enable the license under the system context. The license covers all the security contexts. As of today, you can't run WSE and IPS. The software for that is supposed to be released soon. The rumor is that it will not be running full IPS, only a subset of features.

Hope it helps.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Collin Clark

‎11-27-2013 03:44 PM

Actually the IPS for NGFW (CX) was slipstreamed in to 9.2 CX software last month. It's just not orderable quite yet. :)

It does have less configuration options than the classic Cisco IPS but it is better in other ways. The subscription service should be orderable this month.

Sent from Cisco Technical Support iPad App

0 Helpful

shillings
Level 4
Level 4
In response to Marvin Rhoads

‎12-10-2013 07:47 AM 

Marvin Rhoads wrote:
Actually the IPS for NGFW (CX) was slipstreamed in to 9.2 CX software last month. It's just not orderable quite yet. 

It does have less configuration options than the classic Cisco IPS but it is better in other ways. The subscription service should be orderable this month.

Hi Marvin, any idea if it will support multiple security contexts? We don't get a proper update on the NG IPS until next week and I can't reach our Security SE

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to shillings

‎12-10-2013 08:32 AM

The NGFW IPS does support multi-context mode ASA.

However the policies on the IPS itself are global (like those for the earlier CX WSE and AVC features) so they are common across all contexts that are directing traffic to it via their respective service policies.

The events (in PRSM) will display the name of the context whose traffic triggered the event.

Hope this helps.

shillings
Level 4
Level 4
In response to Marvin Rhoads

‎12-10-2013 08:39 AM

Thanks Marvin!

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to shillings

‎12-10-2013 08:40 AM

You're welcome. Please rate it if the answer was helpful.

0 Helpful

INGENIERIA Y CONSULTORIAS WEBREDES LTDA
Level 1
Level 1
In response to Marvin Rhoads

‎04-11-2014 10:26 PM

i need to state a correction..

 

the IPS or WSE/AVC virtual appliances are not available under multi-context by now.

even on 9.1 asa code.

so take this in care before buy the context and the WSE/AVC or IPS or both.

 

best regards

had a great day . best regards, and rate if you'll find this post useful
0 Helpful

justin.b.pruitt
Level 1
Level 1
In response to Collin Clark

‎12-06-2013 11:51 AM

That is exactly what I needed to know.  Thank you!

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to justin.b.pruitt

‎12-06-2013 11:56 AM

You're welcome. Please rate helpful replies and mark your question as answered.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card