We want to buy a firewall, our requirement is we have an online web application that our clients will access through Internet, these users will not exceed to more than 3,000 in coming 5 years, we are also expecting few site to site VPNs not more than 20 from our world wide clients. We are thinking that we will place our web servers and email server on DMZ, our 100 Users network will connect to internet through inside network, we are also thinking to place our databases and SANs on the third interface and users from the DMZ & LAN will access them through Firewall, and the fourth interface will connect to the outside world.
For the above scenario we have two options (as suggested by a tool Cisco Product Advisor) i.e.
Product Summary | ASA-5510-SEC-BUN-K9 | ASA-5520-BUN-K9 |
Maximum firewall (Mbps) | 300 Mbps | 450 Mbps |
Maximum firewall connections | 130,000 | 280,000 |
Maximum firewall connections/second | 9,000 | 12,000 |
Packets per second (64 byte) | 190,000 | 320,000 |
Maximum 3DES/AES VPN throughput | 170 Mbps | 225 Mbps |
Maximum site-to-site and remote access VPN sessions | 250 | 750 |
Maximum SSL VPN user sessions1 | 250 | 750 |
Bundled SSL VPN user session | 2 | 2 |
Memory | 256 MB | 512 MB |
Minimum system flash | 64 MB | 64 MB |
Integrated ports | 2-10/100/ 1000, 3-10/ 100 | 4-10/100/ 1000, 1-10/100 |
Maximum virtual interfaces (VLANs) | 100 | 150 |
We need an opinion that if you go for ASA 5510 can it cause any bottleneck in the coming 3 to 4 years ?, Memory 256 can cause any problem ?
Thanks & Regards
Faisal Shahid
