Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
436
Views
10
Helpful
2
Replies

ASA versus PIX 515E

kevin_spies
Level 1
Level 1

‎05-18-2007 07:45 AM - edited ‎03-11-2019 03:16 AM

I currently have two PIX 515E's, one is located at a collocation the other at our corporate location. We are looking at getting 2 more PIX's so we can have failover ability at both locations and I was told I should look into getting the ASA5500 series instead.

I have a few questions listed below.

1. What model ASA matches the PIX515E running the unrestricted bundle?

2. Is there a way to migrate the firewall config off of a PIX 515E to a ASA device? Because if we get 2 ASA models instead of 2 more PIX's I would move the corp 515E to the collocation and setup both ASA's at the corporate location.

3. As far as load balancing and redundancy is concerned, does the ASA or the PIX515E load balance or is it just failover ability?

4. With the Active/Active and Active/Standby what is the difference between the two? Some equipment vendors have different definitions for this.

Thanks!

Labels:
0 Helpful
2 Replies 2

hoogen_82
Level 4
Level 4

‎05-18-2007 08:13 AM

1. What model ASA matches the PIX515E running the unrestricted bundle?

Ans: It should ideally be ASA5510-SEC-BUN-K9. But since you want load sharing(It wouldn't load balancing). If you need Active/Active Load sharing you would then need ASA5520-BUN-K9

2. Is there a way to migrate the firewall config off of a PIX 515E to a ASA device? Because if we get 2 ASA models instead of 2 more PIX's I would move the corp 515E to the collocation and setup both ASA's at the corporate location.

Ans: Check this site go through the learning module for upgradation from PIX config to ASA.

http://www.cisco.com/web/learning/le31/le29/configuring_asa_pix_security_appliances.html

3. As far as load balancing and redundancy is concerned, does the ASA or the PIX515E load balance or is it just failover ability?

PIX 515E does only active/standby but as you get to 7.X code you could do Active/Active load sharing.

4. With the Active/Active and Active/Standby what is the difference between the two? Some equipment vendors have different definitions for this.

Active/Active is load sharing. Active Standby is like your simple HSRP. Probably you can consider Active/Active as MHSRP.

-Hoogen

Do rate if this post helps :)

kevin_spies
Level 1
Level 1
In response to hoogen_82

‎05-18-2007 09:00 AM

Thanks Hoogen!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card