12-09-2019 01:27 PM
Hi Guys,
Need some help with questions we have.
We debating to go for Firepower 2130 vs Cisco 5545-X with Firepower module. We are going to use these devices for purely for AnyConnect VPN solutions with posture check. We dont want to use the ISE appliance at the moment for posture check.
1. Can we use hostscan in Cisco ASA 5545-X with Firepower module without using the ISE appliance ?
2. Is it mandatory to use ISE for posture check if we go with FTD on Cisco 2130 ?
3. I guess we can reimage Cisco 2130 with ASA image, in that Case can I use regular hostscan without the need of the ISE ?
Solved! Go to Solution.
12-09-2019 02:15 PM
12-09-2019 01:36 PM
Hi,
I'd recommend going with the newer FP2130 hardware rather than the ASA appliance, as the ASA hardware is not going to be supported much longer.
If you run ASA code then you can use Hostscan without using ISE. If you purchase the FP2130 hardware you can still run the ASA code, so you do not necessarily need to run FTD. The ASA code currently supports more Remote Access VPN features than the current version of FTD. FTD v6.5 is the latest and it does not support Hostscan/DAP etc, whereas ASA code does. Therefore if you did run FTD code, then yes you would need to run ISE to support posture checking.
HTH
12-09-2019 01:42 PM - edited 12-09-2019 01:45 PM
Hi RJI ,
Thanks for your quick response.
I guess by reimaging FTD to ASA code, we will lose Threat prevent support so if we have to go with Cisco ASA with Firepower module, can we use hostscan or ISE ?
I'm never worked on Cisco ASA with Firepower module, though I'm familar with ASAs and FTDs.
TIA
12-09-2019 01:54 PM
12-09-2019 02:00 PM - edited 12-09-2019 02:02 PM
Thanks a lot for quick response.
A different question, Do you even consider threat detection on Remote Access VPN appliances ? Is it a very common solutions ?
I see threat detection on Outbound or Inbound firewalls, but not on RA VPN appliances. Is there is any downside with having RA VPN with Threat detection, if use Cisco ASA with Firewpower ?
12-09-2019 02:15 PM
12-09-2019 02:21 PM
Thanks for your quick replies.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide