Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1128
Views
5
Helpful
4
Replies

ASA with FirePOWER

Go to solution
fabflorent
Level 1
Level 1

‎07-13-2017 07:26 AM - edited ‎03-10-2019 06:53 AM

I want to order ASA 5515 with FirePOWER.

Did the new order include free 1 year licence for any FirePOWER feature, or should I purchase automatically licence ?

What is the minimum subscription recommanded ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-13-2017 08:50 AM

The only thing you get for free is the Control license. It gives you application visibility but no IPS, URL Filtering or Malware protection.

You should have the IPS subscription at the very least.

I'd give 2nd priority to Malware only because I would first recommend an endpoint protection scheme like AMP for Endpoints. An endpoint product like that gets you ahead of the whole SSL arms race as the files are unencrypted on the endpoint.

Similarly with the URL Filtering I would personally recommend a solution like Cisco Umbrella (former OpenDNS) as more effective.

If you don't have any endpoint or DNS protection then I recommend the full IPS, URL Filtering and Malware licensing.

View solution in original post

4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-13-2017 08:50 AM

The only thing you get for free is the Control license. It gives you application visibility but no IPS, URL Filtering or Malware protection.

You should have the IPS subscription at the very least.

I'd give 2nd priority to Malware only because I would first recommend an endpoint protection scheme like AMP for Endpoints. An endpoint product like that gets you ahead of the whole SSL arms race as the files are unencrypted on the endpoint.

Similarly with the URL Filtering I would personally recommend a solution like Cisco Umbrella (former OpenDNS) as more effective.

If you don't have any endpoint or DNS protection then I recommend the full IPS, URL Filtering and Malware licensing.

Go to solution
fabflorent
Level 1
Level 1
In response to Marvin Rhoads

‎07-13-2017 08:57 AM

Thanks Marvin

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to fabflorent

‎07-13-2017 08:59 AM

You're welcome. Thanks for rating.

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP

‎07-13-2017 11:48 AM

One small addition to Marvins perfect answer: Today, I would consider buying the ASA 5516-X instead of the ASA 5515-X. That device has more physical interfaces, is more modern and powerfull but only slightly more expensive.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card