09-22-2018 04:41 AM - edited 03-12-2019 06:59 AM
Hi,
Currently I have Cisco ASA5512-X with firepower services, and we have plan to replace it, I would like to get some suggestions for what should I get next? what I found is Firepower 2100 series which looks good for our environment
but what is the measure here? is there a tool help choosing the correct device?
for example I have about 400 users, wireless service and lan service, server farm, proxy server, email gateway, VPN connections (RA) and maybe site to site
09-23-2018 06:26 AM
Bandwidth is your primary measurand used in judging the right platform size-wise. That plus the features being considered. (i.e. if it's FTD then are you doing IPs, URL Filtering and/or AMP?).
If you put ASA image on a Firepower 2100 you cannot also install a Firepower service module. So you would need to run FTD to keep the IPS features. At the same time, there are some constraints on the feature support, especially with respect to remote access VPN.
For sizing, there is a performance estimator tool available for partners to use. https://ngfwpe.cisco.com
Overall I'd recommend you contact a qualified reseller who can ask more detailed questions about your environment to recommend the best solution.
09-25-2018 03:30 AM
09-25-2018 04:12 AM
Your cisco.com id must have partner entitlement to use it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide