09-18-2017 11:25 PM - edited 02-21-2020 06:19 AM
Hi All;
There is Cisco Firewpower 2110 however is not going into dpeloyment due to the fact that it does not support multicontext at this stage.
We are thinking in going to use the 2110 with an ASA image and run it like that for a while till the multicontext capability is available on the Cisco Firepower 2110.
What is the best way to do this and what image from ASA would be the best to use on this scenario where I would be able to support multicontext with the new ASA image.
I have a look at this link : https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/reimage/asa-ftd-reimage.html?dtid=osscdc000283#id_57089
However I would like to know what is the best ASA image that I can use and what would be the best process moving forward. Additionally , is there any timeline for multicontext to be supported on Firepower 2110?
Thank you.
Enrique.
Solved! Go to Solution.
09-19-2017 06:40 PM
As of right now, ASA 9.8.2 (file name cisco-asa-fp2k.9.8.2.SPA) is the only release available for the Firepower 2100 series appliances.
It can be found here:
Multiple context support release date has not been announced. The only thing I thinks it's safe to say for now is that it won't be available in 2017.
Unless you have a requirement for true multitenancy and/or overlapping subnets, you can often accomplish similar things with security zones on FTD that used to require multi-context on the ASA.
09-19-2017 06:40 PM
As of right now, ASA 9.8.2 (file name cisco-asa-fp2k.9.8.2.SPA) is the only release available for the Firepower 2100 series appliances.
It can be found here:
Multiple context support release date has not been announced. The only thing I thinks it's safe to say for now is that it won't be available in 2017.
Unless you have a requirement for true multitenancy and/or overlapping subnets, you can often accomplish similar things with security zones on FTD that used to require multi-context on the ASA.
09-26-2017 05:16 PM
Thank you Marvin for the answer , very helpful .
I would like to confirm that if I use the ASA image on my 2100 Applicance I will not be able to use the FTD licences Malware and Threat , that I have got on my original purchase?
Let me know if I am correct.
Enrique.
09-26-2017 05:56 PM
Correct.
Firepower appliances (2100, 4100 or 9300 series) running ASA image (also known as logical device) does not support the Firepower service module and thus cannot use either any of the Threat (IPS), URL or Malware FTD-type licenses. The same goes for Firepower service module Control + Protect licenses as well.
You basically have a really fast ASA without any of the NGIPS features.
04-18-2018 07:30 AM
Marvin,
Has this changed at all that the Firepower 2100 running ASA still can't do Threat(IPS), URL or Malware?
04-18-2018 08:53 AM
That hasn't changed and it won't be changed. The ASA image will only ever have base ASA features.
FTD is the unified image and that's where everything will be merged going forward.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide