Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Non-Disruptive Deployment Model for FWSM/ASA Services Module Integration into a Production Environment


I request your guide and recommendation on best approach to integrate an existing FWSM  on a Cat 6k in a production enviroment to achieve server segmentation for enhanced security and compliance (PCI-DSS).

We want a deployment approach that is less disruptive to services.

Note the existing FWSM could not be enbaled when their host systems (Cat 6k) were deployed due to lack of information on service ports of many business applications running on our network- how do we also achieve an accurate knowledge of service ports (what tools)?

We have dynamic routing (OSPF) on the core network while EIGRP is running at the edge(WAN).

Note: would recommend we trade in the FWSM for the newer ASA services module or we can still deploy the FWSM to achieve comliance and security mandates?

I will appreciate your quick and favourable response.

CreatePlease to create content