Rack Mount Server Specs and Licenses for Cisco ASA 5508 FIREPOWER

latenaite2011 · ‎07-15-2016

Good day,

I need to get a rack mountable server to support the management server for the Cisco ASA 5508-X FIREWPOWER devices and all the VM licenses for it. A server that I have in mind is the following:

http://shop.lenovo.com/us/en/systems/servers/racks/systemx/x3550-m5/

But what kind of licenses (including Operating Systems, VMWare..etc) will I need to get. It needs to be budgeted so I want to make sure I have all the items listed.

thanks-LN

Jetsy Mathew · ‎07-15-2016

Hello,

If you are integrating ASA with Firepower, you need a minimum of Protection and Control license to start managing the devices and to work with the access control policies.

For other features like malware policies and file policies you need a Malware license. If you need to have URL filtering features then you need a URL filtering license. For all the licensing queries you need to contact Cisco Global Licensing team.

Licensing : +1 919-574-1701

To manage the Firepower , either you can use Firesight Management Center or the ASDM.

Let me know if you have any questions.

Rate if the post helps you

Regards

Jetsy

latenaite2011 · ‎07-15-2016

Thanks much for the ASA licenses, for the Firepower, yes I need a server for the Firesight Management Center and was looking for the operating licenses so that I get that too such as Windows 2012 Server and the VM license for it.

Are you sure that I can just use ASDM without the Firesight Management center?

Jetsy Mathew · ‎07-15-2016

Hello Team,

The best is you can get a Firesight Management Center . With the ASDM you cannot see any detailed connection events for the traffic. With ASDM only real time event can be seen. If you have a Firesight management center then you can see all the detailed connection events. For the the requirements for installation , please refer the release notes and rest of the links. Let me know if you have any questions.

http://www.cisco.com/c/en/us/td/docs/security/firesight/540/relnotes/FireSIGHT-System-Release-Notes-v5-4.html

http://www.cisco.com/c/en/us/td/docs/security/firesight/541/virtual-install-guide/FireSIGHT-Virtual-Installation-Guide.html

http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center-virtual-appliance/118645-configure-firesight-00.html

For the Firesight , you need Firesight Host license which is needed for the Network discovery part. Rest of the licenses are Protection and Control which is the least minimum that you need to manage the Firepower device.

Rate if the post helps you

Regards

jetsy

Marvin Rhoads · ‎07-18-2016

Your server running FirePOWER Management Center needs to have VMware ESXi - NOT Windows Server 2012.

You can run it on the free ESXi if you're happy without all the advanced features a full license would give you (ESX clustering, backups via API integration, Vmotion etc.)

latenaite2011 · ‎07-18-2016

Well, when you install ESXi and create a VM, you will not be able to boot the VM until you load an operating sytem (Linux, Windows..etc..), right? That is the reason for the license for the OS (I chose Windows 2012 because it will last longer).

thanks!

Marvin Rhoads · ‎07-18-2016

The FirePOWER Management Center .ova file includes the necessary Linux Operating system. You don't need (nor do you have the option) to provide your own

All Cisco virtual appliances come that way.