Version recommendation for ASA-5510 (Bases license) + AIP-SSM-10

Unanswered Question
May 25th, 2008
User Badges:

Dear All,

I need your advice and recommendation related to the ASA and IPS version


I am going to have more then a half a dozen ASA-5510(Baseline) with AIP-SSM-10 implmentation in next 2 days.


Which ASA version is recommended from CISCO version 7.x or Version 8.x. One thing I decided is to go for the IPS version 6.1 (for AIP-SSM10). is there any specific ASA version I should run inorder to run IPS-6.1


Please do advice me


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Mon, 05/26/2008 - 00:05
User Badges:
  • Green, 3000 points or more

Nasim,


There is no specific asa version code other than version 7.x or above to run AIP-SSM10 module running IPS version 6.1.


IPS 6.1 release notes

http://www.cisco.com/en/US/docs/security/ips/6.1/release/notes/17173_01.html


Installing AIP-SSM & Software requirements

http://www.cisco.com/en/US/docs/security/ips/6.0/installation/guide/hwSSM.html


For ASA there are couple designations,the GD (General Deployment) based on designation is most stable code 7.0(7), and ED early deployement codes 7.2.x 8.0.x etc.. ED means has not reached GD stage which there are still opened caveats to be worked on and resolved. Running specific ASA codes and upgrading depends on whether end user has encounter a problem caused by a known bug requiring code upgrade to fix.


In my opinion use the latest ASA code 8.0(3).



You may check code realse notes to learn more on opened and resolved caveats.

http://www.cisco.com/en/US/products/ps6120/prod_release_notes_list.html


HTH

Rgds

-Jorge


nasim_nasri Mon, 05/26/2008 - 06:47
User Badges:

Hey Joe thanks for your reply but it is really a problem as only 7.0.7 is in GD state others are still at ED state.


Somehow as you are recommending 8.0.3 but I think 7.2(4) would be good to go with IPS 6.1


I think there CISCO TAC should recommend us the version as JTAC recommend us that for this platform use this and etc


JORGE RODRIGUEZ Mon, 05/26/2008 - 07:54
User Badges:
  • Green, 3000 points or more

Another way to learn which code to realy use is to read release notes open Caveats from the link I provided, for every release code there is a list of opened and resolved bugs, you may go over opened caveats and see if there are any issues reported on asa codes and AIP-SSM , the same goes for IPS 6.1 release notes, it contains a list of same information.


Ultimately if still unsure TAC is always there to help you.


HTH

-Jorge

suschoud Mon, 05/26/2008 - 10:52
User Badges:
  • Gold, 750 points or more

please use 7.2.4.

Regards,

Sushil

Cisco TAC.

Actions

This Discussion