Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

What ASA to use?

I work for a tourist attraction and the network is a state, no firewall, no vlans, no qos. Everything running on one subnet (very cramped), that includes corporate clients, servers, private wifi, VoIP and EPOS!! Still relatively new in the job, so not my fault!

I plan to put a Cisco ASA in place to manage the network and vlans etc, with a separate adsl/fibre router as our internet connection.  We are likely going to add visitor wifi also at some point, so we need comprehensive VLANning and PCI Compliance.

We have two points of internet presence - 1 for corporate use, 1 dedicated for EPOS and card payments systems.
I was looking at the ASA5515-K9 for the corporate use, but now thinking the ASA5515-IPS-K9, may be better.
An ASA5510 to be added on the EPOS internet link.

An additional internet link to be added for visitor wifi, and run that through the 5515.

What model of ASA would you recommend, or does what I have planned sound right?
Do you think a model with IPS is required?
Everyone's tags (1)
Hall of Fame Super Silver

Selecting from the 5500-X

Selecting from the 5500-X series (15, 25 etc.) is more driven by your throughput and number of interfaces required. Please refer to the data sheet for info on those parameters.

With respect to the IPS, I would counsel you not use the legacy IPS (-IPS models). Those are based on the old Cisco technology which is widely expected to be completely discontinued within the year. If you want an IPS, you are better off specifying a model with the CX module (and required SSD storage) and buy the Next Generation Firewall (NGFW) IPS service subscription.