Hello,
I have a customer who wish to replace an old 7200 router that supports the following services:
- 5000 static nat with support to 15000 nat translations in the near future.
- Around 125 Mbps of bandwidth throughput
- 200 VRFs
This customer wants an security focused device and not use a router anymore because he wants to apply specific security policies for traffic entering and leaving his network plus content filtering. Also wants a scheme of HA and wants to keep the VRFs.
Now I thought about a couple of firewall ASA 5585-X in failover, but I have some questions:
1.- Does the ASA support VRFs? I have been looking around on Internet and it seems that it does not, only virtual context.
2.- What could be a potential Cisco device I could offer that complies with the requirements? maybe an ASR 1000, but again this would be replacing a router with other router which is not desired in the first place and also I will lose the HA feature.
Any advice would be appreciated.
Best regards,
Rafael.