Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
612
Views
0
Helpful
2
Replies

Recommended version of ASA and SFR

ymadheka
Level 4
Level 4

‎11-11-2016 08:16 AM - edited ‎03-12-2019 01:31 AM

Hi Team,

We have a customer that has recently purchased firepower services on existing ASA but would like to test the functionality of firepower on ASA with SSL inspection capabilities in production firewall. We would like to understand based on the existing versions available and field response which is the best recommended  version to start with.

Current Version: ASA 5545 with 9.2.2.4 and SFR 5.4.0


Kindly advise.

Thanks & Regards,

Yogesh Madhekar

Labels:
0 Helpful
2 Replies 2

Karsten Iwen
VIP
VIP

‎11-11-2016 08:39 AM

You should use at minimum version 6.0 of SFR. This is also needed if you want to use SSL inspection. The ASA also has to be upgraded to at least version 9.4(2).

You find more on the requirements in the release-notes.

0 Helpful

Oliver Kaiser
Level 7
Level 7

‎11-11-2016 08:55 AM

Use 9.6.2 for ASA and 6.0.1.2 for Firepower. FP 6.1.0 has introduced some critical bugs that are not fixed yet (6.1.0.1 scheduled for december).

As Karsten stated, 6.0 is required for SSL inspection but keep in mind that the performance hit for using ssl decryption is about 80% because its done in software.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card