Hello a.gooding and everyone,

Any updates on what you guys evaluated? I'm looking into ASA-X and Meraki. From what I'm reading ASA 5516-X comes with FireSight Management Center (using ASDM) without purchasing a separate VM. Is it correct? 

I have used Meraki in the past and love its simplicity. But I heard ASA-X is completely different "animal" now compared with the old ASA. Thanks in advanced.

Hey

we have been using it (Firepower) on a daily basis.

This is completely my opinion but here it is

1. I still think nothing beats the Meraki Management

2. Firepower is NOT as simple if you compare to the MERAKI dash but spend a few days with it drilling down and understanding the policies and you will like it.

We didn't eval the ASDM module only as we did everything with the Full FireSight Management Centre.

The question I posed to test both

"Who is using what and how quickly can we identify and lock down if need be"

Meraki was a no-brainer and won hands down. Firepower didn't win but was still very effective.

My conclusion thus far

1. Ill put in Meraki for a quick easy to manage deployment for SMB to Medium

2. Ill put in in the ASA with FP for those enterprise customers that need a decent level of control. (The policies in FP are really granular and much better for those more complex networks)

Im hoping as it matures (FP) the amount of clicks would be reduced.

I apologise that my response isn't too technical :) but that is my personal take thus far.

Hope this helps

Hi a.gooding,

Thank you very much for the information. That's great to know. One last question regarding the FireSight Management console, do you guys use the VM box for it? I was hoping ASA5516-X has the built-in for this so I don't have to purchase the VM. The hardware, licensing, and subscription for the ASA is already very expensive and adding the VM box is way too much for us. I'd like Meraki but like you've mentioned, if we need to have more level of control in the future...

Thanks again.

Hi,

no probs, We used the VM. To be honest we didn't know about the built in ASDM until we read some info stating that :)

Id say reach out to your Account Manager and have them setup a webex with an engineer.

Other than that id say from general product experience (And this is just my opinion)

1. You wouldn't get the same amount of control

2. Its probably for companies that are not into the whole virtualization arena as yet and its just to get you up and running quickly. Which means, you may not want to get into that level of granularity.

Also, if you are ever going to do any type of failover on ASA models with Firepower you need the Management Centre.

The big thing is the Management Centre so clear that up really good. Doing some quick googling doesn't bring up and ASDM FIREPOWER type of results so that might also indicate its level of usage.

Also a note that the ASA and firepower is one but two :)..its in one appliance but you configure it separate from the ASA as well. The learning curve to setup properly isn't that bad, and as I mentioned, take some time to learn it and don't do a Meraki feature to Feature comparison unless you are weighing out Meraki as an actual option.

My final opinion

To be safe, go with the Management Centre VM unless you get that clarification from your Account Manager

Great information. Thank you very much. 

knguyenfolio,

The FireSIGHT Management built into ASDM is limited to a few of the low end platforms - 5506, 5508 and 5516-X.

By it's nature it won't serve to collect and archive events as it's running in the same Java applet that is ASDM. It also has a couple of other limitations.

It's only been shipping for about a month or two so you won't see much track record with it just yet.