×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Pix 515e vs ASA5510

Unanswered Question
Sep 6th, 2007
User Badges:

We are in need of upgrade of firewall device currently Pix512. We have propostion of three solutions each with varying cost. The lowest cost is Active/Standby dual 515e, then redundant ASA5510s and the most costly redundant ASA5520s. We need to accomodate at least 100 hosts on our LAN that use outside internet, about 20 VPN's from outside users to the network and VPN tunnel from Pix515 in our another facility. The demand is expected to increase. I'd like to know how those devices compare performacewise and espeially how much better is ASA over PIX line of firewalls. Also is there a varying mode for Active/Active Active/Stanby on ASA and is there different licence cost.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a.alekseev Sun, 09/09/2007 - 15:09
User Badges:
  • Gold, 750 points or more

http://www.cisco.com/web/partners/downloads/765/tools/quickreference/vpn_performance_eng.pdf


I think ASA5510 with a Security Plus license will be the best choice


After upgrading to Cisco ASA Software v7.2.3, ports 0/0 and 0/1 will become Gigabit Ethernet enabled on Cisco ASA 5510s with a Security Plus license. This gives customers greater flexibility, and enables them to achieve the maximum Cisco ASA 5510 firewall throughput (300 Mbps) through a single interface, if required.

railgun Mon, 09/10/2007 - 08:14
User Badges:

Thank you fo replying on my earlier post, bu I need little more detail on subject since I am kind of new to this devices. I need little more justfication. First of all wht is the difference in terms of hardware in Pix515e and ASA5510 products. I know that Pix runs on Intel PIII. Does ASA run on the same or different architecture. What are the enhancements over Pix. You suggested that we should go with 510. Is 520 an overkill for situation mentioned earlier.

srue Mon, 09/10/2007 - 10:58
User Badges:
  • Blue, 1500 points or more

the ASA's are newer devices and will therefore be supported by Cisco much longer than the PIX line will be - that should really be justification enough. The ASA can do everything the PIX can do - and more. Buying a PIX today is like buying a new copy of windows 2000 - yes, this is not a perfect analogy, but it gets the point across.

railgun Mon, 09/10/2007 - 11:20
User Badges:

Ok. so that narrows my choices to two possibilities: 5510 and 5520 one is cheaper the other epensive. How much more performance hsa 5520 over 5510, does 5520 have any features that may be useful but are not on 5510. also when in Active/Active failover mode do those device share the work on traffic or one of them sits passively.

Actions

This Discussion