Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1036
Views
0
Helpful
3
Replies

ASA5510 - a few questions

ruban.patkunam
Level 1
Level 1

‎08-29-2011 11:16 AM - edited ‎03-11-2019 02:18 PM

Hopefully I am posting this correct section.

Before I decide to purchase the ASA5510 as our firewall solution I'd like to clear up some confusion I have regarding its expansion capabilities. According to the Cisco website, the ASA5510 supports 1x SSM expansion slot. Intrusion prevention (IPS) is supported via the AIP SSM. Content Security (anti-virus/spyware, file blocking) is supported via the CSC SSM.

One would assume that only one of these expansions can be enabled at time since it is clearly stated that the ASA5510 supports 1x SSM expansion (AIP SSM or CSC SSM). However, the Cisco representatives I've spoken with on the phone claim I can concurrently run both the AIP SSM and CSC SSM in a single ASA5510.

Can someone with first hand experience please clarify this for me.

Also, I am debating if the ASA5510 is overkill for our network infrastructure and perhaps we should be going with the ASA5505. Essentially, we have a large network of users and we'd like to firewall three machines from the users such that only certain users (15 users) are allowed to access them. Are there any other compelling arguments to use the ASA5510 instead of the ASA5505 aside from the fact that ASA5505 does not support content security?

Thanks for your support!

Labels:
0 Helpful
3 Replies 3

varrao
Level 10
Level 10

‎08-29-2011 11:23 AM

Hi Ruban,

No, you cannot run the AIP SSM or CSC SSm in the same chassis. I am not sure why he said that.

For small no of users and machines, ASA 5505 should also work unless you want to use IPS or CSC module with the ASA.

Hope this helps.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

ruban.patkunam
Level 1
Level 1
In response to varrao

‎08-29-2011 11:29 AM

Thanks for the prompt reply.

Also, just to confirm the ASA5505 does support IPS (via the AIP SSC) correct? Your last sentence seemed to imply that the ASA5505 does not support IPS. I understand the ASA5505 does not support the CSC module.

Thanks again,

0 Helpful

varrao
Level 10
Level 10
In response to ruban.patkunam

‎08-29-2011 11:35 AM

Hi Ruban,

Yes the AIP SSC card can b used with ASA 5505 but not CSC module, if you need any info to cross verify any claims about scalability of the device, you can refer to this datasheet:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120product_data_sheet0900aecd802930c5.html

Hope this helps.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card