Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2387
Views
7
Helpful
6
Replies

ASA 9.8(2) support for FirePower 2110

Go to solution
Keith Miller
Level 1
Level 1

‎08-29-2017 07:18 AM - edited ‎02-21-2020 06:15 AM

I'm in the midst of working with a VAR to replace 5510s with 2110s and it's just been 1 caveat after another with these devices; mainly VPN. Then today, I received a Cisco software update notification for the 2110s with ASA code 9.8(2) listed. I decided to check it out, but I have more questions...

 

What exactly does this mean? Should I even be looking into this as an option or is FTD the answer now and in the long term? What type of feature support or lack of would I be looking at with the 9.8(2) ASA code?

 

ASA 9.8(2) Release Notes

 

TIA,

Keith

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Keith Miller

‎08-30-2017 07:12 AM

Yes - unfortunately when you run ASA on Firepower appliance you cannot add the Firepower service module like you can on an ASA appliance.

FCM isn't really a separate product - it's just the on-box Web UI for Firepower appliances. It's pretty easy to use and straightforward.

View solution in original post

6 Replies 6

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-30-2017 05:24 AM

Many customers are frustrated with the caveats in FTD software. It is for that reason that Cisco decided to offer ASA on the Firepower 2100 series. It runs pretty much* like ASA software on the ASA appliance hardware - just a lot faster. Even with remote access VPN on FTD 6.2.1 of Firepower 2100 series since earlier this summer there are still caveats.

 

* Note all Firepower 2100, 4100 and 9300 series appliances use the Firepower Chassis Manager (FCM) for some hardware configuration and such. All the ASA features are still available - just those few are shifted onto FCM.

0 Helpful

Go to solution
Keith Miller
Level 1
Level 1
In response to Marvin Rhoads

‎08-30-2017 06:01 AM

I can definitely see why people are frustrated. Why release products if they aren't ready for primetime. Yes, you may lose a few customers to your competitors in the short term but it's better than frustrating a whole heck of a lot more customers with half-baked products.

 

Does this mean I'd lose the ability to do IPS/AMP if I went down that road? It doesn't seem clear on that. I've not heard of the FCM... Yet another product to worry about.

 

Regards,

Keith

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Keith Miller

‎08-30-2017 07:12 AM

Yes - unfortunately when you run ASA on Firepower appliance you cannot add the Firepower service module like you can on an ASA appliance.

FCM isn't really a separate product - it's just the on-box Web UI for Firepower appliances. It's pretty easy to use and straightforward.

Go to solution
Keith Miller
Level 1
Level 1
In response to Marvin Rhoads

‎08-30-2017 07:27 AM

Thank you, I thought so but wasn't completely sure. This means we will not be getting our money's worth so I'll have to pass on that option.

 

Oh ok, I thought that was called Firepower Device Manager (FDM).

 

Thanks,

Keith

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Keith Miller

‎08-30-2017 07:37 AM

FDM is slightly different - that's the on-box manager for the ASA appliances running the FTD image.

It's a web UI as well - think FMC (stripped down quite a bit) and made to look more like a Meraki interface.

 

The larger Firepower appliances' sensors currently are only managed via FMC. On the smaller ASAs you can choose one or the other.

Go to solution
Keith Miller
Level 1
Level 1
In response to Marvin Rhoads

‎08-30-2017 08:34 AM

Thank you for the additional info. What a mess...
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card