Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA or FWSM?

Hi All,

I have the following scenario. We have 2 6509s running HSRP on the distribution layer. These 2 boxes are connected using Layer 2 links to the access switches.

One of the access switches is also a 6509 and it needs to be firewalled off from the rest of the network.

I am debating whether to buy a pair of FWSM modules or go with a pair of ASAs. Also, we are running EIGRP between the distribution and core.

If I go with FWSMs for the distribution 6509, will it be better to place the MSFC inside or outside?

thanks,

1 REPLY
Hall of Fame Super Blue

Re: ASA or FWSM?

Hi

A lot depends on your future requirements and the throughput you need. For raw throughput the FWSM is the one to go with.

If you can see in future a need to firewall many different vlans within your 6500 infrastructure, again FWSM's could be the better option.

But they are expensive and to simply firewall off one switch it is a costly option.

You should place the MSFC in front of the FWSM ie. any vlans you want to firewall should have their L3 interface on the FWSM.

HTH

Jon

115
Views
0
Helpful
1
Replies
CreatePlease to create content