Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1045
Views
5
Helpful
1
Replies

ASA Threat Detection vs Firepower

rob@pri-med.com
Level 1
Level 1

‎05-04-2021 11:07 AM

Is it overkill to have threat detection scanning on an ASA 5516 with Firepower services? Can I get the same and better protection from Firepower only?

The reason for my question is that I get several tickets a day to un-shun VPN users. It's not always the same users, but there are a handful that are frequent callers. I can never catch when they get shunned and there seems to be no common trait. And rather than white-list the VPN IP Pool, I'd like to know if I lose some security if I disable threat detection on the ASA?

0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-05-2021 09:58 AM

I've never found the ASA threat detection feature particularly useful. I almost never see it enabled on customer ASAs (and I have seen hundreds of those).

A properly configured Firepower service module definitely provides superior threat protection vs. what's offered in the base ASA.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card