Showing results for 
Search instead for 
Did you mean: 

Looking for suggestions: Data Center firewall.



I'm looking for suggestions to replace an ASA 5520 that is currently acting as our main DC Firewall. My concern is that we currently do not have any sort of malware protection, no IPS features, and realistically our ASA is mainly a device we use to NAT public IPs into different servers. I am a CCIE Voice with little experience in Security so I will defer to you for solid advice.

Migration sheets indicate a 5525-X could be an obvious option, does anybody have any other suggestions? 

As far as requirements, here's some details that may help.

- We have a 50 mb internet circuit.

- We have about 100 public IPs that NAT into our DC.

- I'd like something that provides deep packet inspection, and advance malware protection. Basically layer 7.

- Hopefully the device has some sort of management platform (web interface at least) where we can have some visibility into what's going on.


Thanks in advance, you guys are awesome!


2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame