Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
605
Views
0
Helpful
4
Replies

Gig Firewall for Datacenter Connectivity

jparks
Level 1
Level 1

‎08-25-2012 08:26 AM - edited ‎03-11-2019 04:46 PM

Good Morning,

We are looking at upgrading our WAN between our Primary Datacenter and Secondary Datacenter to gig using licensed wireless equipment. I have been looking into firewalls to run between the two sites and it looks like for Gig connectivity we would be looking at least at the ASA 5555-X. My thoughts are to create a site to site tunnel between the two to encrypt the traffic enroute. Is there anything I'm missing when looking at this?

Sent from Cisco Technical Support iPad App

Labels:
0 Helpful
4 Replies 4

nkarthikeyan
Level 7
Level 7

‎08-25-2012 10:02 AM

Hi Justin,

You are asking about the throughput of the firewall or interface capability of the firewall???

If  you look for the throughput of your firewall start from 5512x you will  have 1G throughput and further advanced model will have more.

say  5512x will have through put of 1G,5515x will have 1.2 Gig 5525x will  have 2 Gig.... So you can better go for 5525x for your requirement.  5555x will give 4 Gig throughput....

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-701808.html

Please do rate for the helpful posts.

By

Karthik

0 Helpful

jparks
Level 1
Level 1
In response to nkarthikeyan

‎08-25-2012 02:26 PM

Hi Karthik,

I would be looking at the throughput specs for the firewall.  If I'm not mistaken once you start

Encrypting the traffic though a site to site VPN you would have to look at the 3DES/AES throughput on the firewall? 

Thank you,

Justin

0 Helpful

nkarthikeyan
Level 7
Level 7
In response to jparks

‎08-25-2012 09:09 PM

Hi Justin,

If you are looking for throughput for entire options.... firewall,ips,vpn..etc then 5585x (Multiple modules available) which will fullfill your 1 gig capability in your firewalls....  But however its based on your requirement... If you have all the infra in your datacentre is having 1 gig throughput capability then it will be good....

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

Please do rate for the helpful posts.

By

Karthik

0 Helpful

hobbe
Level 7
Level 7

‎08-25-2012 03:15 PM

Hi

I would take a look at 802.1ae and apropriate switches to encrypt the links between the datacenters.

That way you gain some possibilities but on the other hand you loose some also.

I do not know what your security priorities are but it is atleast worth taking a look at.

You can atleast combine this with the ASA´s and let the Switches do the encryption and the ASA do the firewalling.

I think you will se that it will cost you less.

Good luck

Hope This Helps

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card