cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


247
Views
0
Helpful
4
Replies
Beginner

Rightsizing ASA

        Hi

I have a customer with 22 branch offices, all connected via ASA vpn.

All branch offices are using ASA 5505.

Head quarter running 5510.

This has been running well for som years, and some of the offices have grown.

The China office is now 90 users, and the firewall is 2 x 5505 UL Sec plus  (redundant) internet speed 20Mbit

Main office 2x 5510 on a 100Mbit internetconnection and 200 users.

Would the company get any advantage if they changed to higher ASA models ?

4 REPLIES 4
Cisco Employee

Rightsizing ASA

Hi,

Is there any particular reason why are they thinking of changing the ASA for a 5510? The only difference between one another is the throughput and the build in switch, the rest is pratically the same.

Mike

Mike
Beginner

Rightsizing ASA

The customer is concerned about stability and latency.

I can't se that there are any latency in the ASA's today.

Would the customer gain anything by changing to ASA5512-X and ASA5515-X ?

Beginner

Rightsizing ASA

Not really...the datasheet specifies 300Mbps Firewall throughput and 170Mbps VPN throughput for the ASA5510. The internet connection of the main office is 100Mbps. So if you are using the ASA only for internet access and VPN, then there would be no real advantage (apart from new features on the 5500-X platform) or performance gain by replacing it. the only other thing that might be relevant is the max. number of sessions...if that is not running high, you dont have a problem.

Highlighted
Cisco Employee

Rightsizing ASA

Nope, More features maybe (Like active/active failover,multiple context or transparent firewall) but in terms of using exactly like the one in place, no, no difference.

Mike

Mike
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here