Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2041
Views
0
Helpful
4
Replies

Fwall Security

Go to solution
saquib.tandel
Level 1
Level 1

‎07-23-2013 06:57 AM - edited ‎03-03-2019 07:08 AM

Hi

Requirement are -

  1. terminate 50 L2L VPN
  2. 50 concurrent SSL VPN session total 250 users
  3. 20 User VPN using Cisco VPN Client
  4. NAT traffic for Proxy Server located on LAN
  5. NAT IP for Email Edge Gateway
  6. Support Netflow
  7. Microsoft AD integrated for SSL user connection
  8. 100 devices to be configured as AAA

vendors quoted ASA 5525 and ACS  appliance 3415-K9

any feedback if the sizing is correct

Can you expert advise if ASA 5525 with IPS is better option than ASA 5525 with CX 

thanks

ST


Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni
In response to saquib.tandel

‎07-24-2013 07:45 AM

I think you need the flowing license

Web Security Essentials license—This subscription-based license allows the use of URL filtering and the use of web-reputation-based policies. Specifically, you need this license if you want to use URL objects or web reputation profiles in policies

http://www.cisco.com/en/US/docs/security/asacx/9.1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1_chapter_0101.html#concept_49303E3A8E3B4C2095B8B26391897183

hope this help, if helpful rate

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni

‎07-23-2013 09:06 AM

Based on the numbers you have it is good option

The Asa cx is the next generation asa which can give more capabilities

Cisco® ASA CX Context-Aware Security is a modular security service that addresses these needs by blending a proven stateful inspection firewall with next-generation capabilities and a host of additional network-based security controls - for end-to-end network intelligence and streamlined security operations. Cisco ASA CX enables organizations to rapidly adapt to dynamic business needs while maintaining the highest levels of security. Like most next-generation firewalls, ASA CX delivers application and user ID awareness capabilities for enhanced visibility and control of network traffic. In addition, ASA CX enables administrators to:

• Control specific behaviors within allowed micro-applications

• Restrict web and web application usage based on reputation of the site

• Proactively protect against Internet threats

• Enforce differentiated policies based on the user, device, role, and application type

IPS capabilities will be embedded into ASA CX, You need to check if it's embedded now !

Hope this help

0 Helpful

Go to solution
saquib.tandel
Level 1
Level 1
In response to Marwan ALshawi

‎07-24-2013 04:10 AM

thanks marwan, on ASA CX are there any additional license to be purchased for url filtering and application restriction or with standard license all is covered.

regards

ST

0 Helpful

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni
In response to saquib.tandel

‎07-24-2013 07:45 AM

I think you need the flowing license

Web Security Essentials license—This subscription-based license allows the use of URL filtering and the use of web-reputation-based policies. Specifically, you need this license if you want to use URL objects or web reputation profiles in policies

http://www.cisco.com/en/US/docs/security/asacx/9.1/user/guide/b_User_Guide_for_ASA_CX_and_PRSM_9_1_chapter_0101.html#concept_49303E3A8E3B4C2095B8B26391897183

hope this help, if helpful rate

0 Helpful

Go to solution
saquib.tandel
Level 1
Level 1
In response to Marwan ALshawi

‎07-24-2013 08:13 AM

Thank u

0 Helpful
Customers Also Viewed These Support Documents