Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
333
Views
0
Helpful
1
Replies

ASA 5512-x and 5515-x

Go to solution
Dan Flesaru
Level 1
Level 1

‎06-16-2016 01:14 AM - edited ‎03-12-2019 12:53 AM

hello,

I want to activate/install IPS on ASA 5515-x and ASA-5512-x

I'm not able to find what type license must order to activate IPS module 

This platform has an ASA 5515 Security Plus license.

 

 

Failover cluster licensed features for this platform:

Maximum Physical Interfaces       : Unlimited      perpetual

Maximum VLANs                     : 100            perpetual

Inside Hosts                      : Unlimited      perpetual

Failover                          : Active/Active  perpetual

Encryption-DES                    : Enabled        perpetual

Encryption-3DES-AES               : Enabled        perpetual

Security Contexts                 : 4              perpetual

GTP/GPRS                          : Disabled       perpetual

AnyConnect Premium Peers          : 27             perpetual

AnyConnect Essentials             : Disabled       perpetual

Other VPN Peers                   : 250            perpetual

Total VPN Peers                   : 250            perpetual

Shared License                    : Disabled       perpetual

AnyConnect for Mobile             : Disabled       perpetual

AnyConnect for Cisco VPN Phone    : Disabled       perpetual

Advanced Endpoint Assessment      : Disabled       perpetual

UC Phone Proxy Sessions           : 4              perpetual

Total UC Proxy Sessions           : 4              perpetual

Botnet Traffic Filter             : Disabled       perpetual

Intercompany Media Engine         : Disabled       perpetual

IPS Module                        : Disabled       perpetual

Cluster                           : Disabled       perpetual

 

This platform has an ASA 5515 Security Plus license.

 

ASA-1# sh module

 

Mod  Card Type                                    Model              Serial No.

---- -------------------------------------------- ------------------ -----------

   0 ASA 5515-X with SW, 6 GE Data, 1 GE Mgmt, AC ASA5515            FCH18097S02

ips Unknown                                      N/A                FCH18097S02

cxsc Unknown                                      N/A                FCH18097S02

 

Mod  MAC Address Range                 Hw Version   Fw Version   Sw Version

---- --------------------------------- ------------ ------------ ---------------

   0 7426.acc9.347a to 7426.acc9.3481  1.0          2.1(9)8      9.1(2)

ips 7426.acc9.3478 to 7426.acc9.3478  N/A          N/A

cxsc 7426.acc9.3478 to 7426.acc9.3478  N/A          N/A

 

Mod  SSM Application Name           Status           SSM Application Version

---- ------------------------------ ---------------- --------------------------

ips Unknown                        No Image Present Not Applicable

cxsc Unknown                        No Image Present Not Applicable

 

Mod  Status             Data Plane Status     Compatibility

---- ------------------ --------------------- -------------

   0 Up Sys             Not Applicable

ips Unresponsive       Not Applicable

cxsc Unresponsive       Not Applicable

 

Mod  License Name   License Status  Time Remaining

---- -------------- --------------- ---------------

ips IPS Module     Disabled        perpetual

 

ASA-1#

 

 

Can you help me ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-16-2016 11:25 AM

Cisco has offered three types of IPS over the years.

The two that are supported on your ASA software version (classic IPS and CX module) are no longer sold.

The currently offered type is via the FirePOWER service module ("sfr" module type). It is supported since ASA version 9.2(2) and will not show as a module type on earlier versions.

With the sfr module you require licensing and, prior to ASA 9.5(1.5) with FirePOWER 6.0, a separate FirePOWER Management Center to use it.

ASA 9.5(1.5) with ASDM 7.5(1.112) and FirePOWER 6.0 or later allow you to manage the FirePOWER IPS directly from ASDM.

Either way you need to buy a license and install the software module. Here's how to do the latter:

http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-16-2016 11:25 AM

Cisco has offered three types of IPS over the years.

The two that are supported on your ASA software version (classic IPS and CX module) are no longer sold.

The currently offered type is via the FirePOWER service module ("sfr" module type). It is supported since ASA version 9.2(2) and will not show as a module type on earlier versions.

With the sfr module you require licensing and, prior to ASA 9.5(1.5) with FirePOWER 6.0, a separate FirePOWER Management Center to use it.

ASA 9.5(1.5) with ASDM 7.5(1.112) and FirePOWER 6.0 or later allow you to manage the FirePOWER IPS directly from ASDM.

Either way you need to buy a license and install the software module. Here's how to do the latter:

http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card