Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1518
Views
5
Helpful
4
Replies

Firepower downgrade to ASA

Go to solution
m4k3rz
Level 1
Level 1

‎06-09-2022 12:00 PM

Hello, 

 

The company i work for has an ASA that will become obsolete in October this year. So they are looking to replace with another ASA; however, all of them are EOL, and the recommended option I got from Cisco is replacing the ASA with a Firepower. I'm not interested in using any of the new NGFW features; all we want is to have a new device to keep doing what the ASA is already doing. Having said that, I have a couple of questions:

 

1) Can i just install an ASA image in the Firepower and use it just as if it was an ASA?

2) if i do install an ASA image, would all the commands and config modes be the same? or would this be like an "a-like" version of the ASA but not quite?
3) Would this be the equivalent of buying a Ferrari but removing the engine to install a Toyota engine? or is not quite a downgrade, is just different?

 

Thank you

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎06-09-2022 12:22 PM

@m4k3rz yes you can reimage the Firepower device with the ASA software image.

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/reimage/asa-ftd-reimage.html

After you've reimaged you will need to apply the 3DES license, guide here.

 

It would be the same ASA image you are familar with.

 

Obviously with the ASA software image compared to the FTD image you will get less NGFW features, it depends on what features you require.

 

View solution in original post

4 Replies 4

Go to solution
Rob Ingram
VIP
VIP

‎06-09-2022 12:22 PM

@m4k3rz yes you can reimage the Firepower device with the ASA software image.

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/reimage/asa-ftd-reimage.html

After you've reimaged you will need to apply the 3DES license, guide here.

 

It would be the same ASA image you are familar with.

 

Obviously with the ASA software image compared to the FTD image you will get less NGFW features, it depends on what features you require.

 

Go to solution
m4k3rz
Level 1
Level 1
In response to Rob Ingram

‎06-09-2022 12:32 PM

Thanks Rob!!

 

Does that 3DES license have a cost, or recurrent cost?

 

Also, is it possible to purchase the Firepower and use the FTD image without purchasing any NGFW licenses? I heard from a Cisco reseller that you can't use the FTD image unless you purchase a license for any of the security feats, but wanted to double check with you.

 

Thank you

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to m4k3rz

‎06-09-2022 12:37 PM - edited ‎06-09-2022 12:39 PM

@m4k3rz the 3DES license for ASA is free.

 

You get a base license with the FTD, which has the basic firewall features, but you don't get the useful NGFW functionality such as Threat, URL, AMP etc - which has an extra cost.

 

Also a standalone FTD uses local FDM management, which does not have all the features that the FTD if managed centrally by the FMC would have.

0 Helpful

Go to solution
m4k3rz
Level 1
Level 1
In response to Rob Ingram

‎06-10-2022 05:31 AM

got it. thank you Rob!!

0 Helpful
Customers Also Viewed These Support Documents