Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
369
Views
4
Helpful
1
Replies

ASA5500 Series

ewong0088
Level 1
Level 1

‎03-31-2006 10:55 AM

Hello,

I wonder if someone out there can give me a hint as what's the best way to archieve what I need to do. Currently, I have two PIX515E (failover) as firewall and using PIX IPSEC VPN for remote access.

I am now in the process to procure a "complete" (what is complete in a fast changing world?) solution to include:

(1) Firewalling

(2) IPS

(3) Content Filtering (Spam,Virus,etc)

(4) Secure VPN connections regardless what devices (managed or unmanaged).

I have been looking at ASA 5520 (possible for future failover implementation) and kind of confuse by all these different modules, Hence the questions:

(1) Is there anyway to still utilize my existing PIX515E if I go with ASA?

(2) Does the VPN functionality include WebVPN? Or I have to purchase the SSL VPN licenses in order to use WebVPN?

(3) Shoudl I go with CSC-SSM instead of AIP? SOunded like CSC-SSM is for spam,virus,etc and AIP is for IPS and cannot be used at the same time. What if one does want to have both?

This whole project comes up simply because of remote VPN. We have users using Cisco VPn client to connect to the network and I would like to be sure that our network will not be infected because of these lightly protected client machines connecting to the network via the VPN.

Any insight or advice is appreciated.

Thank you.

Labels:
0 Helpful
1 Reply 1

sebastan_bach
Level 4
Level 4

‎03-31-2006 02:19 PM

hi there . the asa is as good as the pix.but for some speicifc features the asa is good thn the pix. it has the content security card and the intrusion prevention card in the box itself ofcourse u need to buy them. plus the pix doesn't support for webvpn. for remote access vpns can have load balancing between the 2 asa boxes. if u are more worried abt virus and worms then i would suggest go for the CSC-SSM module. now many more features wilbe brought in the asa but i doubt they will upgrade that in pix also cause then it would affect their asa sales. might in a years time they might bring the pix to end of sale. can't be sure of that . hope this helps.

sebastan

Customers Also Viewed These Support Documents