Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
504
Views
0
Helpful
2
Replies

firewall service module vs ASA

Go to solution
ohassairi
Level 5
Level 5

‎02-20-2013 10:27 PM - edited ‎03-11-2019 06:03 PM

Hi

Someone told me that the cisco firewall service module of 6500 has poor performances compared to ASA

What do you recommend as a core firewall (to protect internal servers): ASA or firewall service module ?

thanks

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎02-20-2013 11:08 PM

Hi,

We are using 5 FWSMs at the moment but are moving away from them to ASA5585-X models.

I wouldnt suggest going to FWSMs anymore at this point if you have any plan on having support for new features.

End Of Life and End of Sale Notice

http://www.cisco.com/en/US/prod/collateral/modules/ps2706/eol_c51-699134.html

The follower for the FWSM is the ASA Service Module which supports the newer softwares (while the FWSM doesnt). Heres a link to a document about the ASASM

http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps11621/data_sheet_c78-672507.html

Also you could always consider a separate ASA models. Here are links to both the orignal ASA 5500 series and new ASA 5500-X series

ASA 5500 Series

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80285492.pdf

ASA 5500-X Series

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/at_a_glance_c45-701635.pdf

I guess the question for you is what are the requirements for the device regarding performance. All of the above documentation should give you a clue about which model might be the best for you.

- Jouni

View solution in original post

0 Helpful

Go to solution
Andrew Phirsov
Level 7
Level 7

‎02-20-2013 11:14 PM

FWSM is a legacy module for 6500. The new one is ASA service module wich has performance characteristics greater then most of the  biggest standalone ASA appliances, like 5585-x. So it should be your choise.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎02-20-2013 11:08 PM

Hi,

We are using 5 FWSMs at the moment but are moving away from them to ASA5585-X models.

I wouldnt suggest going to FWSMs anymore at this point if you have any plan on having support for new features.

End Of Life and End of Sale Notice

http://www.cisco.com/en/US/prod/collateral/modules/ps2706/eol_c51-699134.html

The follower for the FWSM is the ASA Service Module which supports the newer softwares (while the FWSM doesnt). Heres a link to a document about the ASASM

http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps11621/data_sheet_c78-672507.html

Also you could always consider a separate ASA models. Here are links to both the orignal ASA 5500 series and new ASA 5500-X series

ASA 5500 Series

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80285492.pdf

ASA 5500-X Series

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/at_a_glance_c45-701635.pdf

I guess the question for you is what are the requirements for the device regarding performance. All of the above documentation should give you a clue about which model might be the best for you.

- Jouni

0 Helpful

Go to solution
Andrew Phirsov
Level 7
Level 7

‎02-20-2013 11:14 PM

FWSM is a legacy module for 6500. The new one is ASA service module wich has performance characteristics greater then most of the  biggest standalone ASA appliances, like 5585-x. So it should be your choise.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card