Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
931
Views
5
Helpful
3
Replies

Firepower Appliance with 3rd Party Firewall

Benzimbleman
Level 4
Level 4

‎10-04-2016 01:31 PM

I have a customer that purchased a Sonicwall (with in the last year) in an urgent time when they had a firewall outage.  He wants to put Firepower services in his HQ and DR but doesn't want to go back to his management to tell them they need to purchase an ASA to replace the Sonicwall to get Firepower services.

Has anyone installed an ASA w/ FP next to a 3rd party firewall to only use the FP services.  They are not a large customer so one of large FP appliance will be too much. 

I was thinking maybe a virtual NGIPS appliance but I am not sure if that will work.  Isn't that only used for your virtual environment?

What is the best solution for FP when paired with a 3rd party firewall?

Labels:
3 Replies 3

keglass
Level 7
Level 7

‎10-06-2016 09:48 AM

Benjamin,

Since you are a Cisco Partner with access to the Partner Community, I recommend you also post this question to the Partner Security space for more feedback and information.

Security

Kelli Glass

Moderator for Cisco Customer Communities

0 Helpful

biomalle
Cisco Employee
Cisco Employee

‎10-07-2016 08:49 AM

Benjamin,

Cisco offers a very large line of FirePower appliances separate from the ASA line.  These appliances (physical and virtual) offer all of the next generation features (e.g. IPS, AVC, AMP, Security Intelligence etc.).  Depending on the throughput required, I suggest looking at the FirePower 7000 or 8000 series appliances.  The link below is a great place to start:

Cisco Next-Generation Intrusion Prevention System (NGIPS) - Cisco

Good luck,

Bill O'

0 Helpful

Oliver Kaiser
Level 7
Level 7

‎10-15-2016 04:34 AM

I dont think there is a "best solution" to this. If you need to implement a multi-vendor firewall solution check which features you want to use on each platform and use the best of both worlds.

e.g. perimeter sonicwall with stateful inspection, Site-2-Site VPN and Remote Access VPN and then ASA running FTD for L7 inspection with AVC, IPS and URL filtering.

If something like this does not make sense in your scenario just do stateful inspection on the Sonicwall and everything else on ASA with Firepower Services.

p.s. you can use NGFWv if you want to virtualize your firewall - just keep performance overhead in mind and test if the solution fits your customers need in regards to features/performance.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card