Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
335
Views
5
Helpful
1
Replies

Deference Between ASA+Firepower and FTD

amanverma
Level 1
Level 1

‎01-16-2018 11:16 PM - edited ‎02-21-2020 07:09 AM

i have 5508-X which support both options ASA+Firepower and FTD. before proceeding to use IPS functionality i want to know the deference between both solution and limitations of each solutions ?

We use Remote Access VPN, Site to Site VPN, AAA, as of now with ASA 9.6

 

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-17-2018 06:59 AM

FTD is the new unified code image. Of the use cases you mentioned, it has a few limitations with respect to remote access VPN. Those are documented here:

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/622/configuration/guide/fpmc-config-guide-v622/firepower_threat_defense_remote_access_vpns.html#reference_xby_dml_wy

 

It also has a completely different user interface and requires you use a GUI - either the on-box Firepower Device Manager (FDM) or a centralized Firepower Management Center (FMC) server. FDM will introduce some more limitations like no local log archive, inability to configure portchannel interfaces etc. however it is a very nice and easy to use GUI.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card