We're looking at replacing a 4507R at the core of our network with a 6500 series. Currently, the 4507R has a supervisor engine IV, 3 48-port copper blades, and 2 6-port fiber blades. We're hoping to include in the 6500 series replacement the firewall module (to replace a PIX 525), vpn (to replace a 3005 concentrator), and IDS/IPS.
I'm a little confused as to what I need from looking at the Cisco product pages. Is there a guide somewhere as to what to get? The firewall that we would be replacing is actually a pair of PIX 525s in an active/standby pair. We'd like to have some redundancy in the 6500 as well. We'd also like some sort of failover for the IDS/IPS if possible.
A couple of questions:
- if I have two FWSMs installed, they would load balance, and if one failed, the other would take over all traffic, correct?
- I see a "VPN services port adapter" and a "VPN shared port adapter"... I'm not sure how they differ
- The supervisor engine 720 and the supervisor engine 32... we'd need one or the other, correct?
- Would we need the Policy Feature Card and the Distributed Forwarding Card?