NGFW vs ASA

ronald.su · ‎01-18-2021

hello,

I have over 5 years ASA experience, but I don't have any NGFW experience. I wondering if there have big difference between ASA and NGFW ? I mean in the command level...

we use ASA for NAT, VPN (IPSec and anyconnect ) ,route, ACL etc...

for those feature, does the command has big different ?

thx

Mohammed al Baqari · ‎01-18-2021

Hi,

Yes there is a major difference. FTD is fully GUI. There is no CLI for
configuration. Also, feature wise they are totally different.

**** please remember to rate useful posts

balaji.bandi · ‎01-18-2021

ASA is going to fade soon from cisco List, since Csico new model is NGFW ( Firepower) - i would focus on towards new model

FTD ( ASA + Next generation Features)

https://blogs.cisco.com/security/3-reasons-to-upgrade-from-cisco-asa-to-cisco-firepower-ngfw-today

Most of them should work as per your requirement, but still worth to check version of Code FTD Model you going to deploy.

FTD Managed by FDM (with Limited ) - FMC fully featured GUI.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Marius Gunnerud · ‎01-18-2021

I would agree that ASA is becoming obsolete as FTD now does just about everything ASA can do plus more.

FTD can do URL filtering, IPS, Advanced Malware Protection, as well as regular packet filtering, NAT, site to site and remote access VPN just to name a few.

If you are considering swapping out an old firewall, then FTD would be the way to go.

--
Please remember to select a correct answer and rate helpful posts