Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
835
Views
0
Helpful
2
Replies

ASA5520 with IPS question

Go to solution
Bradford.berry
Level 1
Level 1

‎01-10-2011 08:52 AM - edited ‎03-10-2019 05:13 AM

Hello All,

I am New to the ASA/IPS world,and i have a few questions.

We are buying two ASA5520's with IPS Modules(aip-ssm-10) for a new location, I plan on running them in active/standby. These will be my first set of ASA5520's.

My Network design for this site is simple:

WAN --> 2950/24 --> 2x ASA5520's with IPS --> 6513 with SUP2/MFSC's and 5x48 Port 10/100 Blades,1 10/100/1000

here are my questions:

1) Do i need a Subscription from Cisco for the IPS modules? im being took there is a yearly cost to have updates. is this necessary? will they function with out it?

2) if so do i need one subscription for each module? even though they are in redundant mode?

3) will a ASA5520 with the AIP-SSM-10 support 200 users?

4) Do I need any special Licence for me to do VPN's? i only plan on having Site to SIte vpn's for now with maybe 20 of so IPhone User Vpn's,I do plan on moving all my user VPN's onto my next set of ASA's ( 100 or so VPN Users).

any help would be appreciated.

Regards,

Brad

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
rhermes
Level 7
Level 7

‎01-10-2011 01:46 PM

Brad -

1. You will need a license (renewed annually) in order to apply signature updates. If you don;t have a license, you can still apply the software updates (less frequently) which also contain the latest signature update. The Sensor will work properly without a license. This ism;t quite as good a deal as it sounds because in the software releases there are new engines with the first generation of several new signatures. These are typically very noisy and subject to refinement in subsequent signature updates.

2. Yeah, you'll need a license for each sensor/module.

3. It all depends on how much and what kind of traffic they generate.

4. No special license is required for VPNs.

- Bob

View solution in original post

0 Helpful
2 Replies 2

Go to solution
rhermes
Level 7
Level 7

‎01-10-2011 01:46 PM

Brad -

1. You will need a license (renewed annually) in order to apply signature updates. If you don;t have a license, you can still apply the software updates (less frequently) which also contain the latest signature update. The Sensor will work properly without a license. This ism;t quite as good a deal as it sounds because in the software releases there are new engines with the first generation of several new signatures. These are typically very noisy and subject to refinement in subsequent signature updates.

2. Yeah, you'll need a license for each sensor/module.

3. It all depends on how much and what kind of traffic they generate.

4. No special license is required for VPNs.

- Bob

0 Helpful

Go to solution
Bradford.berry
Level 1
Level 1
In response to rhermes

‎01-11-2011 08:15 AM

Thanks for your reply, It cleared things up.

Regards,

Brad

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card