04-05-2017 11:35 AM - edited 03-10-2019 06:48 AM
hey,
i am trying to understand about the Licenses for the IPS for our firewalls.
we have 2x firewalls both are 5545-X with 8GE standard Configurations. we are planning to configure them in A/A A/S configurations and configure 2 context for different services.
please correct me here i now i need 2x Software Licenses for my Both Firewalls to support IPS Features and that's it no more hardware to add
like SSM or SSP ?
Solved! Go to Solution.
04-05-2017 08:42 PM
The current "IPS" type for Cisco ASAs is the FirePOWER service module. You will see it as module type "sfr" (from the Sourcefire acquisition) when looking at the command line interface (i.e., "show module" command).
The sfr module does require the SSD drive be installed on a 5545-X. You can check for it by looking at the front panel or else looking via the command "show inventory".
Assuming you have that, you do need licenses for both ASAs. The available licenses types are Control (no cost and permanent but required) and IPS, URL Filtering and Malware. The latter three can be combined in bundles and are term licenses (1-5 years).
You are also advised to run a FirePOWER Management Center to manage to configuration and reporting from the FirePOWER modules. While you can technically manage them both locally (via ASDM), any changes have to be done twice as that part of the configuration does not synchronize between the units.
04-05-2017 08:42 PM
The current "IPS" type for Cisco ASAs is the FirePOWER service module. You will see it as module type "sfr" (from the Sourcefire acquisition) when looking at the command line interface (i.e., "show module" command).
The sfr module does require the SSD drive be installed on a 5545-X. You can check for it by looking at the front panel or else looking via the command "show inventory".
Assuming you have that, you do need licenses for both ASAs. The available licenses types are Control (no cost and permanent but required) and IPS, URL Filtering and Malware. The latter three can be combined in bundles and are term licenses (1-5 years).
You are also advised to run a FirePOWER Management Center to manage to configuration and reporting from the FirePOWER modules. While you can technically manage them both locally (via ASDM), any changes have to be done twice as that part of the configuration does not synchronize between the units.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: