Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1012
Views
10
Helpful
2
Replies

Cisco 5500 vs 5500-X Next Gen Firewall Services

Go to solution
Pacerfan9_2
Level 1
Level 1

‎05-02-2013 01:08 PM

I saw a brief demonstration of the Cisco 5512-X the other day and I saw some interesting capabilities, mostly with the Application Visibility and Web Security. One question that entered my mind is other than performance how different is the 5512 vs 5510 running 9.0 code if you do not purchase the Application Visibility and Web Security subscription? For example, if I do not purchase the subscription will I retain all the functionality and just loose dynamic updates, or does it go as far as disabling functionality? My reason for asking is I am trying to determine if it makes sense to purchase one of these 5512’s to replace a 5510 in our lab environment so we can better evaluate the Next Generation 5500-X Firewalls, or if the next gen services require a subscription. We would not be purchasing a software subscription in our lab, and the 60 day trial would not suffice.

Anyone out their using Application Visibility\Web Security or Cisco Cloud Web Security? If so what has your experience been?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
kussriva
Level 1
Level 1

‎05-06-2013 11:26 PM

Hi,

Regarding the Performance of the ASA CX vs the old ASA 5500 series, you can refer to the foll links which provide the information:

ASA CX why Upgrade: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5709/ps6120/white_paper_c11-727394.html

ASA Data Sheet:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-701253.html

These two docs provide comprehensive information about the differences in the performance of both the devices.

Regarding the licensing, YES the AVC (Application Visibility Control) and Web Security Subscription do require additional license. If you do not purchase the license after the expiration of the Grace Period, the following would be the implications:

  • Feature 'updates' stop. For example, if the Applications license  expires, after the grace period no new application signature updates  will be downloaded.
  • The feature continues to work with the current signature set.
  • Policies (rules) using the feature can no longer be edited.
  • Events continue to show the feature logs, so that troubleshooting is not hampered.
  • Reports will stop showing data based on the expired feature from the time the license expires (past the grace period).

If you want a Demo device, you can contact your Cisco SE/Partner and they can provide you more information about Cisco Demo Loan Program.

Regards,

Kush

View solution in original post

2 Replies 2

Go to solution
kussriva
Level 1
Level 1

‎05-06-2013 11:26 PM

Hi,

Regarding the Performance of the ASA CX vs the old ASA 5500 series, you can refer to the foll links which provide the information:

ASA CX why Upgrade: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5709/ps6120/white_paper_c11-727394.html

ASA Data Sheet:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-701253.html

These two docs provide comprehensive information about the differences in the performance of both the devices.

Regarding the licensing, YES the AVC (Application Visibility Control) and Web Security Subscription do require additional license. If you do not purchase the license after the expiration of the Grace Period, the following would be the implications:

  • Feature 'updates' stop. For example, if the Applications license  expires, after the grace period no new application signature updates  will be downloaded.
  • The feature continues to work with the current signature set.
  • Policies (rules) using the feature can no longer be edited.
  • Events continue to show the feature logs, so that troubleshooting is not hampered.
  • Reports will stop showing data based on the expired feature from the time the license expires (past the grace period).

If you want a Demo device, you can contact your Cisco SE/Partner and they can provide you more information about Cisco Demo Loan Program.

Regards,

Kush

Go to solution
Pacerfan9_2
Level 1
Level 1
In response to kussriva

‎05-16-2013 12:30 PM

Thanks for the information. I spoke with our Account Manager and was given similar information. I decided to purchase a 5512 and may will may look into the AVC and Web Security at a later point in time.

0 Helpful
Customers Also Viewed These Support Documents