Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
828
Views
0
Helpful
5
Replies

ASA 5545-X

Go to solution
satya mothukuri
Level 1
Level 1

‎08-27-2014 02:32 AM - edited ‎03-11-2019 09:41 PM

 

   Hi All,

   I am planing to implement asa 5545X firewall in place of juniper firewall. We have having cloud proxy now, but we have much problem with cloud proxy for some applications and trusted sites. Now i want to know

  1. can i build my network in such a way, some sites ASA can do proxy(content not required for this) and rest i can push to cloud?
  2. I am going to use 2 ASA's as active and standby, So can i use the standby ASA for proxy filter. So that ASA load will be less.

    Thanks in advance.

 Regards,

 Satya.M

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP
In response to satya mothukuri

‎08-27-2014 03:39 AM

we are have a plan to get SF-ASA-CX-9.1-K8, which is software based. Now i want to know can we do Proxy on this.

No, the ASA-CX is not a proxy. A Cisco Web Security Appliance (WSA) for example is a proxy. The CX is a transparent gateway where then data gets inspected and allowed/denied while the data flows through.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Karsten Iwen
VIP
VIP

‎08-27-2014 03:08 AM

1) First of all, you have to define what you want from that proxy. The ASA is an application inspection gateway that sits transparently in the traffic-flow. That's much different then what a traditional proxy does. Of course you can provide extra security with L7-inspection. For that you need a software module which can be the ASA CX or the FirePower (SourceFire).

2) No, the standby ASA is *only* a backup for the primary ASA in case of a failure. There is no loadsharing in active/standby.

0 Helpful

Go to solution
satya mothukuri
Level 1
Level 1
In response to Karsten Iwen

‎08-27-2014 03:32 AM

 

 Tnx Karsten, we are have a plan to get SF-ASA-CX-9.1-K8, which is software based. Now i want to know can we do Proxy on this.Any document on proxy config will be helpful.

 

Thanks,

Satya.M

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to satya mothukuri

‎08-27-2014 03:39 AM

we are have a plan to get SF-ASA-CX-9.1-K8, which is software based. Now i want to know can we do Proxy on this.

No, the ASA-CX is not a proxy. A Cisco Web Security Appliance (WSA) for example is a proxy. The CX is a transparent gateway where then data gets inspected and allowed/denied while the data flows through.

0 Helpful

Go to solution
nkarthikeyan
Level 7
Level 7

‎08-27-2014 03:19 AM

Hi,

 

I am not sure, how better you can do proxy using cisco asa... but for your question 2: you cannot make use of the standby one to do anything... that can take traffic only when it becomes traffic... it takes only management and sync traffic when it is in standby mode.

 

Regards

Karthik

0 Helpful

Go to solution
satya mothukuri
Level 1
Level 1
In response to nkarthikeyan

‎08-27-2014 03:33 AM

 

  Thnaks Karthik, wish Cisco does such things in future :)

  Regards,

  Satya.M

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card