ASA 5505 vs excessive bandwidth

lunadesign · ‎11-18-2015

I have a Cisco ASA 5505 (512 MB Security Plus) that's currently serving a 20/5 Mbps fiber line with no problems.

I'd like to upgrade the service to something faster (75/75 or 100/100) but understand the 5505 has performance limitations. Various accounts I've seen estimate that the 5505 can do 75-100 Mbps real world but I understand my mileage may vary. Plus, there's the simple limitation that the ASA Ethernet ports only support 100 Mbps.

Question: What happens if I upgrade to something faster than the ASA can handle? Will the ASA still do it's job (filtering, routing, etc) but limit / slow down traffic to the max it can handle? Or will the ASA become unstable, drop packets or become lax in performing it's security tasks?

Thanks!

Shivapramod M · ‎11-18-2015

Hi,

The ASA 5505 has throughput of around 150Mbps. When the device has over subscription it can cause many issues such as pakcet drop such as overruns on the interface and performance issue. So make sure you do not oversubscribe the firewall's capacity.

Thanks,

Shivapramod M

P.S. Please rate helpful posts.

lunadesign · ‎11-19-2015

Thanks Shivapramod....this is helpful to understand.

Shivapramod M · ‎11-19-2015

Hi,

You can refer the below document for your understanding.

https://supportforums.cisco.com/document/47506/asa-oversubscription-interface-errors-troubleshooting

Please do rate the helpful posts,

Thanks,

Shivapramod M