01-17-2018 03:42 AM - edited 02-21-2020 07:09 AM
i have 5508-X which support both options ASA+Firepower and FTD. before proceeding to use IPS functionality i want to know the deference between both solution and limitations of each solutions ?
We use Remote Access VPN, Site to Site VPN, AAA, as of now with ASA 9.6
Solved! Go to Solution.
01-17-2018 07:46 AM
Hi
There're multiple posts explaining the difference between those images:
ASA and Firepower : 2 different configs while FTD is a unified image with 1 config.
FTD can be managed locally with embedded portal called FDM or by FMC (dedicated VM or appliance). FMC is used when you have multiple FTD to manage, you create policies and push them across your boxes.
You can do pretty much all features you had with ASA except for example multiple context.
Based on your input, you're using only VPN and AAA, those features are available in FTD.
It's a different logic of configuration and management. You won't have all ASA cli commands.
I would like to say that if you don't need multiple context, I'll recommend moving with FTD.
01-17-2018 07:46 AM
Hi
There're multiple posts explaining the difference between those images:
ASA and Firepower : 2 different configs while FTD is a unified image with 1 config.
FTD can be managed locally with embedded portal called FDM or by FMC (dedicated VM or appliance). FMC is used when you have multiple FTD to manage, you create policies and push them across your boxes.
You can do pretty much all features you had with ASA except for example multiple context.
Based on your input, you're using only VPN and AAA, those features are available in FTD.
It's a different logic of configuration and management. You won't have all ASA cli commands.
I would like to say that if you don't need multiple context, I'll recommend moving with FTD.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide