Can anybody guide me by suggesting which one could be a better choice between a ASA and FWSM in a Datacenter environment with many VLAN's and segments. I found FWSM to be very intricate. Any suggestions would be very valuable. Thanks
I depends on your requirements. I have always preferred to use the FWSM for datacenter environments, especially if I am using a 6500 for the DC core since it is all there. You can also team to FWSM modules together to give you 10GB of thoughout.
ASA is better for environments with defined borders.
Thanks for the reply. But what i have seen in technical documents and sample configs the FWSM has some limitations regarding certain things as compared to an appliance itself. I have to make myself fully satisfied before ordering the FWSM's to replace the PIX which are doing the job currently. The non-exsistence of physical interfaces on FWSM, i feel is making the configurations a little bit difficult i guess and i also feel the placement of VLAN's will be critical while designing / configuring security contexts, that too with just the default 2 contexts. Any more inputs on this will be highly useful for me. Thanks.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...