We've got a pair of PIX 525s in active/standby mode, plus a pair of VPN 3005 concentrators (one active, one redundant using vrrp) for IPSec VPN connections (both LAN-to-LAN and Remote Access, 3DES). I'm trying to generate a proposal to replace all 4 devices with more current equipment.
From Cisco's website, it looks like the ASA 5520 is the recommended replacement for the PIX 525 and there's an SSL/IPSec VPN Edition recommended for replacing the 3005s. The SSL/IPSec VPN edition seems to be a fair bit more expensive than the other version... Can just the a pair of ASA 5520s handle the job of what we're using now, or do we really need the more expensive version?
Also, I've seen mention of a Technology Migration Plan from Cisco. Would this apply here, or is it even still evailable?