
ASA 5525-x with CX and IPS

Jonn cos
Level 4

Hi all,

I have read in Q and A that CX version 9.2 will support IPS on ASA. My question is, if a client wants CX and IPS in one box, at common workspace, which product shall I choose? IPS bundle or CX bundle? Currently v9.2 is not listed there, but still, which product shall I use?

9 Replies

It's hard to suggest something that's not yet available. But I would buy the CX-bundle because there the needed hardware (the SSD) is included while in the IPS-bundle it's only a license. Assuming that this will not change it's likely that IPS can then later just be enabled by license on the CX-bundle.

Another question is the available hardware. The IPS uses dedicated cores of the multi-core architecture. This processing-power is not available for CX in this case. So perhaps you need to buy a bigger box to handle the load of both CX and IPS. But we only know when it's officially announced.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Version 9.2 is released on Oct 14 but I don't understand why it's not listed in CCW?

Do you have any public statement for the release? It's not available on the download-area and there are also no release-notes.

EDIT: Oh, I typed the wrong link and didn't realize that I was on the general ASA page ... But still, I have no answer. Probably Cisco will add a new bundle sometime in the future?

LATER: The following statement seems like it's just an add-on license:

Next Generation IPS filtering is a separately-licensed service; the device includes an evaluation license.

So perhaps there won't be any new bundles ...

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

carolina_56
Level 1

Really, I don't understand the suggestion, because with the CX bundle I can't use the IPS of the normal ASA 5500-X, and now I can't buy the IPS service into the CX bundle either, so what can we do?

The 5500-X Series Next-Generation Firewall product data sheets have been updated to show the ordering options now including the NGFW IPS. Please refer to Table 4 here. The product SKUs haven't been released for orderability just yet but should be on CCW later this month.

So you will soon be able to buy the IPS service (and use them on the CX module with or without the AVC and WSE features). It is a bit different from the old school Cisco IPS module - reflecting the new architecture and design of the product (i.e., managed by PRSM - either on-box or off-box).

Thanks Marvin,

And what is the big difference between the Cisco IPS module and the Cisco IPS service? In a design environment, which would we decide to use and why?

Thanks in advance

Carolina Morales

You're welcome. I've only seen a few high level slides so far. Official release of the information has not yet been done.

A general description would be that NGFW IPS is better integrated with the overall access policy as expressed in the policies defined in PRSM. As such, it is able to leverage the application awareness (AVC) and source reputation (WSE) data and is enhanced by the more frequent (near real time) updates from Cisco's SIO cloud.

Sorry, that's kind of marketing-speak but that's all that's available at the moment.

Marvin, we just bought this

ASA5512-SSD120-K9

L-ASA5512-IP1Y=

We originally intended to buy the classic IPS for our customer, but our vendor indicated that the CX module with the IPS service was essentially the new replacement for the classic IPS module. However, after a nightmarish support call with licensing and TAC and finally finding someone who understood that there are 2 IPSs now, the person I spoke with gave me the impression that the IPS service with the CX module is not as robust as the classic IPS module, or maybe wasn't quite as feature rich?

Does anyone understand the difference between these two IPSs in terms of their features, etc.? My customer only wants an IPS, so which one would you choose if you don't need the other CX module features? The easier to manage the better, but their focus is security and blocking and/or alerting on potential threats, etc.
