Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
636
Views
0
Helpful
2
Replies

ASA5515-X with CX Module

Go to solution
navneet.k
Level 1
Level 1

‎11-22-2016 03:56 AM - edited ‎02-21-2020 05:57 AM

Hi,

I have 2 nos of ASA5515-X firewall with CX Module configured in HA, now I want to run IPS, URL functionality on it. Below is the BOM for the same, pls let me know do I need to required Cisco Prime Security Manager as well. If yes, then as per my Knowledge Cisco Prime Security Manager is End of Sale, so pls suggest any solution. My firewall doesn't support firepower functionality

Also I was going through a document, in which it is mention that PSRM comes on box to manage single instance, so can I use PSRM to manage the firewall in HA along with IPS, AVC and WSE functionality.

Part Number Description Qty
ASA5500X-SSD120= ASA 5512-X through 5555-X 120 GB MLC SED SSD (Spare) 2
ASA5515AWI1Y= ASA 5515-X  AVC, WSE, IPS 1 Year 2

Thanks

Navneet

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
nspasov
Cisco Employee
Cisco Employee

‎11-22-2016 03:53 PM

Hello Navneet-

I would not recommend purchasing and/or running CX. That product is already EoL/EoS due to the acquisition of Sourcefire:

http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-c51-733917.html

As a result, I would recommend you look into the FirePOWER services for ASA. For the 5515-X, there is an upgrade SKU which is: ASA5515-FP-UPG

That SKU can be configured to include:

1. SSDs

2. URL Filtering

3. Advanced Malware Protection

4. IPS

5. FireSIGHT Management Center

6. Smartnet

I hope this helps!

Thank you for rating helpful posts!

View solution in original post

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-24-2016 06:43 AM

I agree with Neno's recommendation. ASA CX signature updates will only be offered for another year and a half. Reference:

http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-c51-733917.html

The 5515-X supports the FirePOWER module via re-image of the software module. FirePOWER is a superior solution offering better protection against modern threat vectors that the CX cannot detect.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
nspasov
Cisco Employee
Cisco Employee

‎11-22-2016 03:53 PM

Hello Navneet-

I would not recommend purchasing and/or running CX. That product is already EoL/EoS due to the acquisition of Sourcefire:

http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-c51-733917.html

As a result, I would recommend you look into the FirePOWER services for ASA. For the 5515-X, there is an upgrade SKU which is: ASA5515-FP-UPG

That SKU can be configured to include:

1. SSDs

2. URL Filtering

3. Advanced Malware Protection

4. IPS

5. FireSIGHT Management Center

6. Smartnet

I hope this helps!

Thank you for rating helpful posts!

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-24-2016 06:43 AM

I agree with Neno's recommendation. ASA CX signature updates will only be offered for another year and a half. Reference:

http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-c51-733917.html

The 5515-X supports the FirePOWER module via re-image of the software module. FirePOWER is a superior solution offering better protection against modern threat vectors that the CX cannot detect.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card