cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
509
Views
10
Helpful
6
Replies

Explainations

alsayed
Level 1
Level 1

Hi Guys

could u Please Explain what does it mean the below,pls in brief

Throughput                                       150 Mbps
Connections                                     10,000–25,000
VPN throughput                                 100 Mbps

Thanks

6 Replies 6

Jennifer Halim
Cisco Employee
Cisco Employee

I am assuming that you are enquiring about ASA 5505 performance, so:

Throughput of 150Mbps means any clear text traffiic going through the ASA firewall, the maximum aggregated throughput is 150 Mbps.

Connections with base license is 10,000, ie: you can have up to 10,000 maximum connection concurrently, and with security plus license, it's 25,000 maximum connections concurrently.

Lastly, for all VPN connection terminating on the firewall, the aggregated throughput would be 100Mbps. This includes all types of VPN, ie: IPSec LAN-to-LAN tunnels, IPSec Remote access vpn, SSL VPN, Easy VPN.

Hope that helps.

Thanks man

is there any sizing for encrpted traffic through firewall or its also included as throughtput

The VPN throughput is for 3DES and AES encryption.

AES is the highest level of encryption that can be configured on the ASA.

is ther any type of calculation to determine the suitable platform according to entreprise requirment,how to start sizing?

If you will be terminating VPN on the ASA, you would like to find out how many IPSec VPN Client users will be connecting concurrently, as well as how many Lan-to-Lan VPN tunnels. With IPSec VPN on ASA 5505 - base license, you can only have 10 IPSec VPN tunnels, and with security plus license, you can only have up to 25 VPN tunnels (it includes both lan-to-lan tunnel as well as remote access vpn client).

If you would be terminating SSL on the ASA, it only comes with 2 default SSL license, and if you need more SSL VPN tunnels, you would need to purchase extra SSL license. There is also a maximum number of SSL VPN supported for each ASA model.

With ASA 5505, it provides 8 switchports, instead of normal routed port that you might want to be aware of. You also need to check how many VLANs you would like to terminate on the ASA as different models have different maximum VLANs supported.

Lastly, different ASA models also support expansion of AIP module (IPS), CSC module (Anti virus) and 4GE extra ports module

You might want to check out the ASA model comparison for all the ASA 5500 series model that has all the above information:

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: