Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1776
Views
5
Helpful
1
Replies

Deference Between ASA+Firepower and FTD

Go to solution
amanverma
Level 1
Level 1

‎01-17-2018 03:42 AM - edited ‎02-21-2020 07:09 AM

i have 5508-X which support both options ASA+Firepower and FTD. before proceeding to use IPS functionality i want to know the deference between both solution and limitations of each solutions ?

We use Remote Access VPN, Site to Site VPN, AAA, as of now with ASA 9.6

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎01-17-2018 07:46 AM

Hi

 

There're multiple posts explaining the difference between those images:

https://supportforums.cisco.com/t5/firewalling/difference-between-asa-running-firepower-service-module-and-ftd/m-p/3312445#M165512

 

ASA and Firepower : 2 different configs while FTD is a unified image with 1 config.

FTD can be managed locally with embedded portal called FDM or by FMC (dedicated VM or appliance). FMC is used when you have multiple FTD to manage, you create policies and push them across your boxes.

You can do pretty much all features you had with ASA except for example multiple context.

 

Based on your input, you're using only VPN and AAA, those features are available in FTD.

 

It's a different logic of configuration and management. You won't have all ASA cli commands.

I would like to say that if you don't need multiple context, I'll recommend moving with FTD.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

1 Reply 1

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎01-17-2018 07:46 AM

Hi

 

There're multiple posts explaining the difference between those images:

https://supportforums.cisco.com/t5/firewalling/difference-between-asa-running-firepower-service-module-and-ftd/m-p/3312445#M165512

 

ASA and Firepower : 2 different configs while FTD is a unified image with 1 config.

FTD can be managed locally with embedded portal called FDM or by FMC (dedicated VM or appliance). FMC is used when you have multiple FTD to manage, you create policies and push them across your boxes.

You can do pretty much all features you had with ASA except for example multiple context.

 

Based on your input, you're using only VPN and AAA, those features are available in FTD.

 

It's a different logic of configuration and management. You won't have all ASA cli commands.

I would like to say that if you don't need multiple context, I'll recommend moving with FTD.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card