I got myself pretty excited about deploying an ASA 5525X because of the forthcoming product. It would replace our existing ASA 5520 (with IPS). But I heard a rumor that IPS and CX are incompatible in the same unit. Can anyone confirm or deny?
There are two statements in the Q&A to that topic:
Which ASA platforms will support ASA CX?
A. Initially, ASA CX will be delivered as a hardware module on the Cisco ASA 5585-X security appliance. At FCS, ASA CX will be supported on the ASA 5585-10 and ASA 5585-20. In the near-term future, a software version of ASA CX will be released, which will be supported on the newly released ASA 5500-X Series of next-generation midrange security appliances.
Does ASA CX support IPS functionality?
A. Not at FCS. IPS capabilities will be embedded into ASA CX in a near-term future release.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...