FirePower 4110

cevans008 · ‎05-14-2019

We have recently purchased a Firepower 4110 to replace the EOL IPS on the 5585-x series.

I understand that you can create a logical device with either the ASA or FTD image.

My question:

If you install the ASA image rather than FTD do you have the IPS functionality through Licensing for example or default ....or do you only get the IPS functionality if you create a FTD logical device?

I have been reading so many articles and watching the deep dive library videos and it never seems to show the Firepower being used with an ASA logical device.

What we were hoping for after installing the Logical ASA device is that we would see an extra Tab within the ASDM used to ultimately manage it.

Thanks in advance

Colin

balaji.bandi · ‎05-14-2019

Still not able to understand the use case here.

If you are buying latest Gear and you can utilize the next Gen features, rather go back to Old Code.

When you use FTD you can do advance level Access rules which can be beneficial ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

cevans008 · ‎05-15-2019

Hello,

Thanks for response. So we currently have a 5585 in place however the ips is going EOL and as it stands we cannot download any further signatures.

Therfore a Firepower 4110 was purchased ( not by us directly) through the customer and reseller. When we have received this it appears they have purchased the ASA software to make it a ASA logical device on the Firepower security module. We were aiming for FTD.

My question is: if we do progress with the Fiepower ASA logical device does this provide IPS support? as thats the whole reason from moving from the EOL 5585 IPS.

if the IPS functionality isnt supported in an ASA logical device i will need to push back and state we NEED to go with the FTD solution.

Thanks

C