Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Firewall upgrade - ASA5555x ?

Looking to retire our PiX 151E's this year.. Would like to move to the new ASA5555-X. Anyone know how they handle IPS ?

Is it built in with a subset of IPS features like the older ASA or does it have a full IPS feature set ? Also

will it support an IPS module ?

Thanks in advance.


Community Member

Re: Firewall upgrade - ASA5555x ?

From the FAQ IPS is included in the base hardware (does require a license) with dedicated hardware on the 5545 and 5555 models.  The module slot is for I/O only now although I'm not sure how the 5585 fits in there.  Not sure on how feature set stacks up compared to the older IPS module, hopefully someone will speak up on that.

Other helpful info on the new ASA's:

**EDIT** Woops, my bad on the "dedicated hardware IPS" info above, what I was looking at were the dual power supply support specs.  The 5545 and 5555 both support that.  Hardware IPS is built into all new ASA models hence the exclusion of a physical add-on module for that.

Hall of Fame Super Silver

Re: Firewall upgrade - ASA5555x ?

IPS on the new X series is full-featured. It runs on the same common hardware but in its own memory space which is allocated at system start. (all the new X series are 64-bit systems.)

CreatePlease to create content