I've been asked to draw up a proposal to replace our existing 3rd party Internet facing firewalls with a new solution.
I have worked a lot in the past with PIX s and Cisco being my area of expertise I am going to propose using an ASA. However I know little about them, and even having read a lot of documentation on the Cisco sites still only have a basic understanding.
The customers network is designed along the 3 layer Campus model, and servers in excess of 6500 users, all of whom require Internet access. My initial leaning is toward the ASA5520. Availability is obviously important, so we'll need at least 2 in failover pair. Does this sound like a reasonable choice?
What I'm not so sure of are the 'Security Contexts' that the ASA apparently has upto 20 of, and the bundle I'm looking at comes with 2. Does this refer to IPS services, the basic firewall function, VPN etc ...? What are the basics you get without all the add-ons?
The 5520 comes with 4 Gigabit and 1 100Mb interface - can the Gig interfcaes be configured as 100Mb?
Any advice v gratefully received!