Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
624
Views
0
Helpful
1
Replies

Need ASA Recommendation

kmanango1
Level 1
Level 1

‎09-08-2011 12:19 PM - edited ‎03-11-2019 02:22 PM

We currently have a Gig-E fiber SMFC that comes into our data center.  The SMFC comes already into a SFP in a switch that converts it to Gig-E Ethernet.  I am looking at Cisco as a possible firewall and IPS solution to replace our existing hardware and need some recommendations as I've never used a Cisco product before.

It looks like the 5550 will satisfy my requirements but it would be purely a firewall as it doesn't have IPS capabilities.  Any reason why the 5550 doesn't support IPS and the other models do? 

Then I thought about the 5540 which looks like it does support IPS but the max FW thoughput is 650Mbps.  If I deploy the 5540 in an Active/Active configuration, I assume I would get 1300Mbps since it would load balance across the both of them, am I correct?

Am I even on the right track here or should I be looking at a different product?

Any guidance is appreciated.

Regards,

K

Labels:
0 Helpful
1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

‎09-08-2011 05:47 PM

You are correct. ASA5550 and 5580 do not have IPS/CSC modules. These modules are available only on ASA5510, 5520, 5540 and 5585.

As you will see in this link:

http://www-tss.cisco.com/eservice/vho/security/asa5500/mod1/asa5550.htm

ASA5550 - No SSM slot available since this is a fixed config box

ASA5580 - takes a FIPS enclosure:

http://www.cisco.com/en/US/docs/security/asa/hw/maintenance/5580guide/install.html#wp1041274

You can refer this link for module compatibility:

http://www.cisco.com/en/US/docs/security/asa/compatibility/asamatrx.html#wp42562

And this one for specs:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

You can contact your local Cisco account team, so they can determine your traffic pattern and size the correct model for you.

You are on the right track. 

-KS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card