08-06-2013 07:36 AM - edited 03-11-2019 07:22 PM
I am looking for a new firewall for a client. This is an SMB client, around 35 computers and 2 servers. Budget is $800.00 or less. Some of my other clients are using the 5505 and they have been pretty solid firewalls. However, they are lacking in some features like application layer control, IPS, deep packet inspect. I am hesitant on recommending this model since the 5500 series are being phased out and its not a next gen firewall. Would this still be a good way to go?
Sent from Cisco Technical Support iPad App
08-06-2013 08:11 AM
Hi,
Sadly I have not personally had the possibility to work with other firewall brands other then Cisco so I can't really compare it with the features of any other vendors models. I also have very little knowledge of the additional modules for ASAs since we use other solutions to in their place.
I would like to state though that ASA5505 is the only original ASA5500 Series model that hasn't received EOL/EOS to my understanding. Last time I was told that it was very popular model of the ASA and that probably the reason it still kept available. I have not heard of any news about a replacing model for it.
Naturally this doesnt guarantee how long it will stay in Ciscos firewall selection (not sure if that is even the correct word so forgive me my english) but it does seem like a popular choice because of its price compared to other ASAs. On the other hand its Licensing can be a pain and annoying.
- Jouni
08-06-2013 11:03 AM
Jouni is correct that the 5505 is alone among the older ASA product line models in that it is NOT included in the End of Sales announcements to date. True it doesn't have many of the NGFW features but for the price it is a pretty capable little appliance. It's also very popular among engineers who want a lab / home firewall to use in certification studies.
IPS, even among Cisco high-powered IPS appliance doesn't fall in the magic quadrant as defiend by Gartner for NGIPS capabilities. One could guess that's why Cisco recently announced the agreement to acquire SourceFire, one of the market leaders in that space. Their FirePower and FireAmp products are very advanced and capable with respect to not only NGIPS but also NGFW features. However, they don't address the SOHO or SMB markets much in their product line as it is more focused on the larger enterprises.
So...5505 is still good for now. Small investment and it can run the latest ASA software. As long as you are fine with its limited throughput it is a perfectly capable appliance.
08-06-2013 06:08 PM
Thanks for your replies. I've been researching other firewall options and keep coming back to the ASA as the solution. I've been working with these for a while and know they are a solid product. Also, the support for these devices is the best I've dealt with. There is one other product that caught my interest. Can anyone provide some input on the Cisco ISA 570? It seems to fit exactly what I'm looking for in features and price. But, the reviews I'm reading on these are mixed.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide