Can anyone provide a link or some quick bullet points on the functional differences between the sourcefire implementation on the Meraki MX security appliances compared to a new ASA 55xx-X w/ FirePOWER ?
- Inline: Next Gen IPS - Multi-port GE/10GE/40GE - Anti-Malware- Network & Agent based - Web filtering - Application control across all ports - SIO & VRT Threat Intelligence - Defense Center- Threat Detection Correlation view - Internet B/w from 50Mbps - 60 Gbps – High Performance Platform
for the firepower please review the following links for each series Specs: http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/datasheet-c78-732253.html
Any updates on what you guys evaluated? I'm looking into ASA-X and Meraki. From what I'm reading ASA 5516-X comes with FireSight Management Center (using ASDM) without purchasing a separate VM. Is it correct?
I have used Meraki in the past and love its simplicity. But I heard ASA-X is completely different "animal" now compared with the old ASA. Thanks in advanced.
Thank you very much for the information. That's great to know. One last question regarding the FireSight Management console, do you guys use the VM box for it? I was hoping ASA5516-X has the built-in for this so I don't have to purchase the VM. The hardware, licensing, and subscription for the ASA is already very expensive and adding the VM box is way too much for us. I'd like Meraki but like you've mentioned, if we need to have more level of control in the future...
no probs, We used the VM. To be honest we didn't know about the built in ASDM until we read some info stating that :)
Id say reach out to your Account Manager and have them setup a webex with an engineer.
Other than that id say from general product experience (And this is just my opinion)
1. You wouldn't get the same amount of control
2. Its probably for companies that are not into the whole virtualization arena as yet and its just to get you up and running quickly. Which means, you may not want to get into that level of granularity.
Also, if you are ever going to do any type of failover on ASA models with Firepower you need the Management Centre.
The big thing is the Management Centre so clear that up really good. Doing some quick googling doesn't bring up and ASDM FIREPOWER type of results so that might also indicate its level of usage.
Also a note that the ASA and firepower is one but two :)..its in one appliance but you configure it separate from the ASA as well. The learning curve to setup properly isn't that bad, and as I mentioned, take some time to learn it and don't do a Meraki feature to Feature comparison unless you are weighing out Meraki as an actual option.
My final opinion
To be safe, go with the Management Centre VM unless you get that clarification from your Account Manager
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :