Solved: Cisco ASA 5555 IDS Features

kajumblies15 · ‎11-17-2022

I have an ASA 5555 running version 9.8 and ASDM 7.8(2). I am looking to see if anyone can point me to any firewall features on the ASA that resemble IDS functionality. Because I have zones enabled on the firewall, thread detection is disabled. Other than that are there any configurable IDS like things in the firewall sections of ASDM?

Thank You!

Karsten Iwen · ‎11-17-2022

The ASA has an build-in IDS/IPS which is very limited and not really of any usefulness nowadays.

The actual way to go is to move from the ASA software to Firepower Thread Defense. You could re-image your firewall and use FTD but with the needed license and the approaching EOL for this device it is probably better to move to a new Firepower Appliance with FTD software.

View solution in original post

Karsten Iwen · ‎11-17-2022

The ASA has an build-in IDS/IPS which is very limited and not really of any usefulness nowadays.

The actual way to go is to move from the ASA software to Firepower Thread Defense. You could re-image your firewall and use FTD but with the needed license and the approaching EOL for this device it is probably better to move to a new Firepower Appliance with FTD software.

Milos_Jovanovic · ‎11-17-2022

And just to add, with ASA5500-X models, there is a HW prerequisite (you must have SSD installed) in order to even consider reimaging to FTD.

As @Karsten Iwen and @Marvin Rhoads already stated, it is best to think about replacing this device with Firepower 2k/3k series.

Kind regards,

Milos

Marvin Rhoads · ‎11-17-2022

Like @Karsten Iwen said - nothing really useful IDS-wise in the current threat environment.