Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
335
Views
0
Helpful
2
Replies

Firewall Failover

Go to solution
rEvadministrator
Level 1
Level 1

‎02-09-2016 07:16 AM - last edited on ‎03-25-2019 05:58 PM by Community Manager

Hello All,

First off, I want to thank the forums for any help provided regarding my inquiry. Currently we have a Cisco ASA 5510 as our only firewall device within our infrastructure. We are looking to add a firewall failover device in the event the 5510 goes down or experiences any outage. Our company size is small (up to ~150 employees) with a DMZ added in the front of the 5510. If possible, we would like to setup the failover firewall to run in "passive" mode until an outage happens. Additional features we would like to see is Intrusion Detection and Data Loss Prevention. Our budget is not small but not large either.

 

Once again thank you for your help!

 

Ka$h

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Boris Uskov
Level 4
Level 4

‎02-09-2016 07:25 AM

Hello,

Two gears ASA5510 can be combined into Failover Cluster in Active/Standby mode. You need to have SEC Plus licenses on both firewalls to make it work.

The problem is that you can divide only same hardware platforms into failover cluster. So, you need to get the second ASA5510 gear. Since ASA5510 is under End-of-Sale now, it may be a problem.

The best, but not the cheapest way is to migrate your current hardware platform to a newer one - for example ASA5508 or ASA5516. Those platforms can be equiped with SourceFIRE software module (SFR), which can give you advantages of having one of the best Next Generation IPS and Next Generation firewall on the platform of Cisco ASA.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Boris Uskov
Level 4
Level 4

‎02-09-2016 07:25 AM

Hello,

Two gears ASA5510 can be combined into Failover Cluster in Active/Standby mode. You need to have SEC Plus licenses on both firewalls to make it work.

The problem is that you can divide only same hardware platforms into failover cluster. So, you need to get the second ASA5510 gear. Since ASA5510 is under End-of-Sale now, it may be a problem.

The best, but not the cheapest way is to migrate your current hardware platform to a newer one - for example ASA5508 or ASA5516. Those platforms can be equiped with SourceFIRE software module (SFR), which can give you advantages of having one of the best Next Generation IPS and Next Generation firewall on the platform of Cisco ASA.

0 Helpful

Go to solution
rEvadministrator
Level 1
Level 1
In response to Boris Uskov

‎02-10-2016 11:19 AM

Thanks Boris!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card