Marvin, thank you for your detailed reply.

TAC is saying that the SSD should show up in SHOW INVENTORY, however they are saying that because the legacy IPS is enabled, that may be affecting the display of the SSD.

I know this thread is little old but hoping to piggy back a question. I am going through the same process i.e. upgrading ASA IPS module to firepower. Should I remove the IPS module before install the new SSD, as I currently do not have SSD installed. Or will it mater?

Thanks!

Give us a few more details please. The (sanitized) output of the following would do it:

show  inventory
show module
show version

Not sure why all the outputs needed, not looking for the technical implementation details and beside can't do that.

Was just looking for the order of operations.

1. Install new SSD drive.

2. Remove IPS Software module

3. Install SFR software module

or

1. Remove IPS software module

2. Install new SSD drive

3. Installs SFR software module

The output is requested in order to give as accurate an answer as possible. I have found over years of experience that I am not safe in assuming anything about the customer's environment since there is so much variation.

Seeing the exact equipment model (show inventory), the installed modules and their status (show module) and verifying the prerequisite version required to support a FirePOWER module (show version) all guide an accurate response.

That being said, assuming you have a 5500-X series ASA with a software IPS module installed, the order of items 1 and 2 in your list do not matter. Installing the SSD must be done while the ASA is powered off, so I would normally uninstall the IPS module first, shutdown the ASA, install the SSD and then bring the ASA back online. If you have ASA 9.2(2.4) or later (required for sfr module) then you can install the module. If you want to install newer sfr versions (e.g., 6.x) then higher releases of ASA software would be required as noted in the compatibility guide:

http://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#pgfId-137110

Exactly the info and reassurance I was looking for...thanks!

I'm all good on the pre-reqs and compatibility....did plenty of research on that. But understood, some don't and everyone situation is different.

The first task would be to get IOS to a level that supports both the SSD and sourcefire. I initially upgraded to 9.2.2.4, but I'm now running 9.3.3. Check to make sure compatibility with the legacy IPS.

I don't know if it matters whether you install the SSD first, then remove the legacy IPS, or vice versa. I installed the SSD first in my case.

When you remove the legacy IPS, you will need to reboot the ASA. If you have an HA active/standby pair, that task is non-disruptive.

Then you can load sourcefire.

Good luck.

Marvin, one last question, do you know if a minimum ASA firmware version is required to recognize those SSD? I'm running 9.01 and 9.02 on the two ASAs. All I can find in the release notes related to SSD is that v9.1.1 is required for the ASA CX SSP software module - which requires the SSD.

I do believe ASA 9.1(1) is required as a minimum. See the matrix in Table 3 in the ASA compatibility matrix.

Also the release notes for ASA 9.1 note under "New Features in ASA 9.1(1)" that they introduced support for the SSD-based CX SSP. 

You have to move up to at least 9.2(2.4) for for FirePOWER Service module.

I upgraded to 9.2.2.4 last evening (from 9.0(4)) and the SSD appears in the display for SHOW INVENTORY: (serial numbers masked).

C5525X-P10-DMZ# sh inv
Name: "Chassis", DESCR: "ASA 5525-X with SW, 8 GE Data, 1 GE Mgmt, AC"
PID: ASA5525           , VID: V01     , SN: xxxxxxxxxxxx

Name: "Storage Device 1", DESCR: "Model Number: Micron_M550_MTFDDAK128MAY"
PID: N/A               , VID: N/A     , SN: xxxxxxxxxxxx

Thanks again for Marvin's responses.

If you are using dual SSD drives, how and where does the Raid 1 configuration take place?