01-29-2008 09:36 AM - edited 03-11-2019 04:55 AM
Could someone tell me the basic differences between PIX and ASA?
What additional services and advantages does the ASA offer? In lamens terms and realistic terms to business needs etc..?
01-29-2008 10:07 AM
Different device running the same code with the
following exceptions:
1- ASA can terminate SSL vpn. Pix can not,
2- You can IPS on the ASA with additional
modules. Pix can not do that,
3- new hardware on ASA.
Other than that, there is not much of a
difference.
CCIE Security
01-29-2008 10:14 AM
The PIX just went EoS so if you're looking to purchase, go with the ASA.
http://cisco.com/en/US/products/hw/vpndevc/ps2030/prod_eol_notices_list.html
01-30-2008 08:37 AM
thanks for that.
very useful information
so the ASA is now the main option for firewall needs
i had wondered why the 2 were still being sold in parallel as the ASA seemed to offer so much more!
01-30-2008 09:13 AM
Thanks for the link. Since this past July, I've been recommending to all my clients that they go with the ASA. It did confuse me that I didn't see any end-of-life announcement since it was really obvious that the 5505 was replacing the low end 501 and 506 and they couldn't be upgraded to a recent firmware version either. I wonder why it took them so long.
01-30-2008 09:19 AM
There are a number of things that determine when an old product can go EoS. One major item is FIPS/Common Criteria. The new platform should (must really) attain certification/approval before the old one can be EoS/EoL.
http://www.cisco.com/en/US/docs/security/asa/asa70/hw/fips_asa.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide