Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IPS for ASA 5500-X Series Question


I have few question on ASA 5500-X and Integrated IPS, like ASA5555-IPS-K9:

1.  What is the next gen firewall IPS feature on ASA5500-X without the additional IPS module? What is the difference between having only a next gen firewall ASA 5500-X versus having it with the IPS module enabled?

2. Is it possible to configure the ASA Integrated with IPS device, like ASA5555-IPS-K9, to pass traffic through IPS first and then ASA? The document suggests that traffic has to be processed by ASA Firewall policies and then sent to IPS module. I am wondering if there is option available to pass through IPS first.

3.    If you have Next-Gen Firewall with integrated IPS, like ASA5555-IPS-K9, do you still need Botnet Filter license on the same ASA? The Next-gen firewall and IPS should be able to do the same job, I guess??

4.  Is there any difference in functionality and capabilities if you have this integrated IPS versus a stand-alone IPS device, for example Cisco 4500 IPS? Is there any new Roadmap announcement approaching for ASA5555-IPS-K9  product?



Community Member

IPS for ASA 5500-X Series Question

If anyone can answer even few of these questions it will be really helpful.

CreatePlease to create content