Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA connection design



I am looking ASA 5555-X data sheet now


The data sheet showing the max throughput is 4G.  I would like to know what happen if my I only use 1GB connection for Internet in/out?  Does is means the bottleneck will appear at network interface? 


What should the best practices?



Super Bronze

Hi, I would presume if you



I would presume if you are planning to use a single LAN and WAN physical interface on the ASA and if you have 1Gbps WAN (?) link then the above mentioned model of the ASA is not ideal for your situation unless you want to prepare for possible future expansion requirements. The GigabitEthernet interface will naturally limit how much traffic can flow through the ASA and if there is only a single physical WAN and LAN link then naturally the throughput will never be more than 1Gbps.


If you are planning on using the ASA in some part of your internal network to separate some internal networks from eachother and require more than the 1Gbps interfaces can provide then you can consider bundling the interfaces by configuring Port-Channel interfaces


Notice that the datasheet lists 2 different Throughput values. For actual user traffic I guess I would look at the other value listed which is 2Gbps. The 4Gbps value listed is for ideal traffic situations while the other value more closely estimates the throughput in a real user environment with different kind of traffic flowing through the ASA.


Though if you are planning on configuring different DMZs on the firewall that serve the internal networks and perhaps separating different networks on the firewall in general that need access through the ASA then the extra throughput that the model provides might come in handy.


- Jouni

CreatePlease to create content