I am trying to determine the differences between the SR520 and the ASA5505. The customer has ten users, three are at the main office and the rest are distributed across the country.
I would like to run a site to site vpn between their main office and a second location. Also, the users are going to have remote access VPNs. We are going to run wireless networks at both sites and backup through the VPN.
Question is: should I be using the ASA5505 or the SR520?
Obviously, the ASA is a stronger device, okay i get it. But at four times the cost (license up for additional vpn users + access point), I'd like to consider the SR520. After talking to the distributor support and cisco partner helpline, a few subjects came up:
1. Overall stronger security on the ASA5505. Especially IPS/IDS
2. Greater Throughput on the ASA. But, what exactly is the max vpn throughput on the SR520? isn't the cable/dsl going to be the bottlneck, not the SR520?
3. Ability to run a second ISP
4. Possibility for 2-part authentication? IE via a code-generating key fob. does anyone have any vendors that they would suggest?
5. It appears that this only supports the IPSEC VPN Client. The SSL VPN Client is not supported, but the Clientless Webvpn is? Does that make any sense?
6. Ability to authenticate users against Windows SBS 08 active directory via LDAP. It appears that the SR doesn't have this?
7. Perhaps we should run a SR520 at the Secondary site and a ASA5505 at the primary?
Any Suggestions, experiences or guidance would be beneficial.