Solved: Repalce Cisco ASA 5510

viorelspinu · ‎03-05-2020

Hi,

I need to replace an ASA 5510 which does not support TLS1.2. I checked that TLS1.2 is available on Appliance greater then 9.3. A suitable model would be ASA 5525-X.

I see that there are two models: ASA 5525-X and ASA 5525-X with Firepower

I am not sure what model to choose.

What replacement would you recommend?

I need to migrate the config from ASA 5510 to the new device.

Services that I need: Remote Access VPN, Firewall, Authentication with an external Identity System via http.

Any input would be valuable for me.

Regards!

Cristian Matei · ‎03-05-2020

Hi,

If you don't need NGFW features (looks like you don't based on presented requirements) go with the regular ASA 5525-X, so no FirePOWER services.

Regards,

Cristian Matei.

View solution in original post

Cristian Matei · ‎03-05-2020

Hi,

If you don't need NGFW features (looks like you don't based on presented requirements) go with the regular ASA 5525-X, so no FirePOWER services.

Regards,

Cristian Matei.

balaji.bandi · ‎03-05-2020

Agree with @Cristian Matei , but Cisco moving towards FTD in the Future, so investing money Firepower Model will be Long Term Money Protection.

Until any other reason you looking to have only ASA.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Cristian Matei · ‎03-05-2020

Hi,

The platform he's looking for (5525-X), can be upgraded to FirePOWER at any time. So:

- if you have no intention to, at some point in future, run FirePOWER NGFW, buy the simple ASA5255-X; you can still upgrade it later on in case you want (PN:ASA5525-FP-UPG)

- if you think there is a slight chance you might be using FirePOWER later (and i say you might need it), buy the Firepower bundle (it's not much more expensive), and you don't buy the subscription (this is expensive), you buy it later when you want to use it (PN:ASA5525-FPWR-K9)

Regards,

Cristian Matei.

viorelspinu · ‎03-05-2020

Thank you very much for information!