Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
29298
Views
40
Helpful
29
Replies

ASA 5506 lic question

Go to solution
Mariusz Kuriata
Level 1
Level 1

‎05-04-2015 09:11 AM - edited ‎03-11-2019 10:52 PM

1. Will I get ANY subscriptions in ASA5506-SEC-BUN-K9 pls? There is no info o cisco.com and all on-line shops just say it is ASA5506-SEC-BUN-K9...

2. What the difference between ASA5506-SEC-BUN-K9 and asa5506-fpwr-bun. I am after IPS...

3. Is it true that there are no switchports on this firewall?

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-04-2015 09:57 AM

ASA5506-SEC-BUN-K9 includes the Security Plus license. The other one does not.

Both include the software module with FirePOWER image pre-loaded and the base Control license (ASA5506-CTRL-LIC). To actually use the FirePOWER IPS features you'd need to add a minimum of the IPS license. (L-ASA5506-TA-1Y for one year, -3Y and -5Y also available). 

The 5506 FirePOWER can be managed using ASDM, so a separate FireSIGHT Management Center license is not strictly required (tho advised for greatest functionality).

Both SKUs also include the no-cost ASA 5500 Strong Encryption License (3DES/AES).

View solution in original post

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Mariusz Kuriata

‎05-04-2015 10:05 AM

You're welcome.

The ASA5506-K9 (base license) comes with the same licenses as the ASA5506-FPWR-BUN. It even has the same FirePOWER software module image pre-installed and includes the CTRL license.

The difference is when your reseller or partner configures the FirePOWER bundle SKU in the Cisco Commerce Workspace (CCW - Cisco's configuration and ordering tool) they are prompted to add the optional add-on term-based FirePOWER licenses and FireSIGHT Management Center.

Either one can have the IPS license added later - same part number and same cost.

I hope this answers your question. Please mark as answered if it does.

View solution in original post

29 Replies 29

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-04-2015 09:57 AM

ASA5506-SEC-BUN-K9 includes the Security Plus license. The other one does not.

Both include the software module with FirePOWER image pre-loaded and the base Control license (ASA5506-CTRL-LIC). To actually use the FirePOWER IPS features you'd need to add a minimum of the IPS license. (L-ASA5506-TA-1Y for one year, -3Y and -5Y also available). 

The 5506 FirePOWER can be managed using ASDM, so a separate FireSIGHT Management Center license is not strictly required (tho advised for greatest functionality).

Both SKUs also include the no-cost ASA 5500 Strong Encryption License (3DES/AES).

Go to solution
Mariusz Kuriata
Level 1
Level 1
In response to Marvin Rhoads

‎05-04-2015 09:57 AM

Thank you Marvin.

 

What about ASA5506-K9 (base license) pls?

 

Will it support the IPS license later on?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Mariusz Kuriata

‎05-04-2015 10:05 AM

You're welcome.

The ASA5506-K9 (base license) comes with the same licenses as the ASA5506-FPWR-BUN. It even has the same FirePOWER software module image pre-installed and includes the CTRL license.

The difference is when your reseller or partner configures the FirePOWER bundle SKU in the Cisco Commerce Workspace (CCW - Cisco's configuration and ordering tool) they are prompted to add the optional add-on term-based FirePOWER licenses and FireSIGHT Management Center.

Either one can have the IPS license added later - same part number and same cost.

I hope this answers your question. Please mark as answered if it does.

Go to solution
Mariusz Kuriata
Level 1
Level 1
In response to Marvin Rhoads

‎05-05-2015 01:24 PM

Marvin, a quick one. I read somewhere I'd need to add an SSD to run Firepower features. Is it true?

I just bought ASA5506-K9. Does it arrive with an SSD?

 

I am especially interested in IPS but AMP would be great as well.

 

Is it enought o purchase L-ASA5506-TA= as you said?

 

Thx

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Mariusz Kuriata

‎05-05-2015 01:42 PM

Yes, it's built-in on all the new SMB ASAs. 

The 5506, 5506W, and 5506H all have a 50 Gb mSATA SSD drive (100 GB on the new 5516-X). It's not an option like it is on the larger models (and those use a 120 GB SSD). See table 3 in the data sheet.

Also, they all come with the FirePOWER image preinstalled. You should be able to see the software image as up from the cli with "show module" where you will see a "sfr" module type.

0 Helpful

Go to solution
Mariusz Kuriata
Level 1
Level 1
In response to Marvin Rhoads

‎05-05-2015 01:53 PM

Thx. Appreciate your quick reply. My ASA arrives in a couple of days so will play with it

0 Helpful

Go to solution
D. STM
Level 1
Level 1
In response to Marvin Rhoads

‎02-10-2016 01:30 PM

So what is the purpose of buying the SEC PLUS, what does it have that the other versions do not, as its more expensive?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to D. STM

‎02-10-2016 01:40 PM

Security Plus features are outlined in the tables of the product data sheet:

http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/datasheet-c78-733916.html

Basically you get the ability to have:

a. more concurrent sessions

b. more site-site and remote access VPN peers

c. more VLANs

d. High Availability (Active-Standby)

 

0 Helpful

Go to solution
D. STM
Level 1
Level 1
In response to Marvin Rhoads

‎02-11-2016 06:50 AM

So should all Sec-Plus boxes come with a default feature pack? Is that listed anywhere as to what you get so you can compare it to what you should have.

0 Helpful

Go to solution
Meduober
Level 1
Level 1
In response to Marvin Rhoads

‎07-25-2020 02:54 AM

can you help me please:

__i have a cisco asa 5506-x and

i want to increase the number of connections anyconnect vpn (the equipement have only 4 connexion)

 

__and what services can be added using the asa5506_sec-pl certificate

 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Meduober

‎07-25-2020 04:39 AM

If you require more AnyConnect users then buy AnyConnect licenses.

The features of SEC-PLUS are as noted earlier in this thread and in the linked datasheet.

0 Helpful

Go to solution
Mustak Yunus
Level 1
Level 1
In response to Marvin Rhoads

‎08-09-2016 08:03 AM

Hi Marvin,

I have ASA5506-K9 with base license and unfortunately it only supports 5 VLANs. Is it possible to upgrade the ASA5506-K9 with secure plus license. What is the  part number for secure plus license.

Thanks

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Mustak Yunus

‎08-09-2016 01:05 PM

That would be part number "ASA5506-SEC-PL".

We typically don't sell a lot of those since the pricing n it usually makes it more attractive to move up to one of the higher models that does not require the separate license for the features provided with Security Plus.

0 Helpful

Go to solution
Mustak Yunus
Level 1
Level 1
In response to Marvin Rhoads

‎08-10-2016 01:46 AM

Thanks Martin.

Unfortunately we ordered firewall with base licence and then realized it has a limitation of 5 VLANs. So now need to upgrade the firewall to secure plus. The part number for secure plus licence is L-ASA5506-SEC-PL=. Thanks for a quick response.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card