Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
977
Views
0
Helpful
4
Replies

WSA vs. vWSA

Go to solution
Tim Glen
Cisco Employee
Cisco Employee

‎10-10-2016 01:32 PM

Hello,

I'm about to overhaul my Web Security Platform and I'm considering migrating my S170's to the vWSA. 

Besides the advantages of not having to deal with physical hardware what, if any, other advantages are there ? 

Thanks


Tim

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ken Stieers
VIP
VIP
In response to Tim Glen

‎10-10-2016 02:01 PM

Our users see it in faster access to the internet

Its more stable, the S170 had issues when updates came down at the same time users were all surfing, and it would just stop working until it finished the update. 

Black magic in that it was more complex for us than we wanted to try through our many hops... Its probably doable now that we installed the Nexus 1000v in VMware.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Ken Stieers
VIP
VIP

‎10-10-2016 01:47 PM

My vWSA S100V performs better than my S170, my VMware infrastructure has a lot more horsepower than the S170.

Are you using the L4TM?  I'm pretty sure getting SPAN'd traffic to that through all of the switching and then through VMware is black magic.

0 Helpful

Go to solution
Tim Glen
Cisco Employee
Cisco Employee
In response to Ken Stieers

‎10-10-2016 01:53 PM

Hi Ken,

Thanks for replying.  

When you say it performs better where do you feel that ?  I believe that logically since the VMWare hosts here have far more horsepower than the S170 too.   But realistically, where do you see that performance gain? 

 

Yes, I am using L4TM and I've been very concerned about how to get that traffic back into the ESX world...  When you say black magic, what do you mean?   I've considered using RSPAN but haven't tried setting up a PoC yet.

Thank you

0 Helpful

Go to solution
Ken Stieers
VIP
VIP
In response to Tim Glen

‎10-10-2016 02:01 PM

Our users see it in faster access to the internet

Its more stable, the S170 had issues when updates came down at the same time users were all surfing, and it would just stop working until it finished the update. 

Black magic in that it was more complex for us than we wanted to try through our many hops... Its probably doable now that we installed the Nexus 1000v in VMware.

0 Helpful

Go to solution
Tim Glen
Cisco Employee
Cisco Employee
In response to Ken Stieers

‎10-11-2016 11:26 AM

Ken, 

Thanks for the tips.  My S170 has been quite stable but I'm leaning toward virtualizing both the S170 and the M170 during this overhaul.  

The L4TM doesn't provide too much protection because we limit the outbound traffic to well known ports. I think we can live without the L4TM.

Tim 

0 Helpful
Customers Also Viewed These Support Documents