ASA versus PIX 515E

Unanswered Question
May 18th, 2007

I currently have two PIX 515E's, one is located at a collocation the other at our corporate location. We are looking at getting 2 more PIX's so we can have failover ability at both locations and I was told I should look into getting the ASA5500 series instead.

I have a few questions listed below.

1. What model ASA matches the PIX515E running the unrestricted bundle?

2. Is there a way to migrate the firewall config off of a PIX 515E to a ASA device? Because if we get 2 ASA models instead of 2 more PIX's I would move the corp 515E to the collocation and setup both ASA's at the corporate location.

3. As far as load balancing and redundancy is concerned, does the ASA or the PIX515E load balance or is it just failover ability?

4. With the Active/Active and Active/Standby what is the difference between the two? Some equipment vendors have different definitions for this.

Thanks!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
hoogen_82 Fri, 05/18/2007 - 08:13

1. What model ASA matches the PIX515E running the unrestricted bundle?

Ans: It should ideally be ASA5510-SEC-BUN-K9. But since you want load sharing(It wouldn't load balancing). If you need Active/Active Load sharing you would then need ASA5520-BUN-K9

2. Is there a way to migrate the firewall config off of a PIX 515E to a ASA device? Because if we get 2 ASA models instead of 2 more PIX's I would move the corp 515E to the collocation and setup both ASA's at the corporate location.

Ans: Check this site go through the learning module for upgradation from PIX config to ASA.

http://www.cisco.com/web/learning/le31/le29/configuring_asa_pix_security_appliances.html

3. As far as load balancing and redundancy is concerned, does the ASA or the PIX515E load balance or is it just failover ability?

PIX 515E does only active/standby but as you get to 7.X code you could do Active/Active load sharing.

4. With the Active/Active and Active/Standby what is the difference between the two? Some equipment vendors have different definitions for this.

Active/Active is load sharing. Active Standby is like your simple HSRP. Probably you can consider Active/Active as MHSRP.

-Hoogen

Do rate if this post helps :)

Actions

This Discussion