Cisco ASA 5515-X CX failover

Steven Williams
Level 4

I have my pair of Cisco ASA 5515-Xs in an active/standby failover mode. My question is, I have both units with IPS software; how are these configured for failover? I can't console into the secondary ASA, so I can't run the setup on the secondary IPS unit. I did on the initial one and gave it an IP address and also updated the image, so now they are out of sync.

Last Failover at: 12:27:28 CST Nov 3 2014
        This host: Primary - Active
                Active time: 71896 (sec)
                slot 0: ASA5515 hw/sw rev (1.0/9.2(2)4) status (Up Sys)
                  Interface outside (1.1.1.1): Normal (Monitored)
                  Interface inside (172.20.16.30): Normal (Monitored)
                  Interface Mgmt (172.20.17.10): Normal (Monitored)
                slot 1: IPS5515 hw/sw rev (N/A/7.1(4)E4) status (Up/Up)
                  IPS, 7.1(4)E4, Up
        Other host: Secondary - Bulk Sync
                Active time: 2386 (sec)
                slot 0: ASA5515 hw/sw rev (1.0/9.2(2)4) status (Up Sys)
                  Interface outside (1.1.1.2): Normal (Monitored)
                  Interface inside (172.20.16.31): Normal (Monitored)
                  Interface Mgmt (172.20.17.11): Normal (Monitored)
                slot 1: IPS5515 hw/sw rev (N/A/7.1(9)E4) status (Up/Up)
                  IPS, 7.1(9)E4, Up
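As an added example that is not part of the original post: a small Python parser for the `show failover` output above that flags the slot 1 IPS software mismatch (7.1(4)E4 on the primary versus 7.1(9)E4 on the secondary) that the question describes as the modules being out of sync. The sample text is constructed from the posted output, trimmed to the lines the parser reads.

```python
import re

# Constructed sample: the two host blocks from the question's `show failover`
# output, trimmed to the lines this parser reads.
SAMPLE = """\
        This host: Primary - Active
                slot 0: ASA5515 hw/sw rev (1.0/9.2(2)4) status (Up Sys)
                slot 1: IPS5515 hw/sw rev (N/A/7.1(4)E4) status (Up/Up)
        Other host: Secondary - Bulk Sync
                slot 0: ASA5515 hw/sw rev (1.0/9.2(2)4) status (Up Sys)
                slot 1: IPS5515 hw/sw rev (N/A/7.1(9)E4) status (Up/Up)
"""

HOST_RE = re.compile(r"^\s*(?:This|Other) host:\s+(\S+)\s+-\s+(.+?)\s*$")
# The hw field may itself contain a slash ("N/A"), so the sw version is the
# last slash-separated part before ") status (".
SLOT_RE = re.compile(r"^\s*slot (\d+): (\S+) hw/sw rev \((.*)/([^/]*)\) status \((.*)\)\s*$")

def parse_failover(text):
    """Map each unit role (Primary/Secondary) to its state and per-slot hw/sw/status."""
    hosts, current = {}, None
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:
            current = m.group(1)
            hosts[current] = {"state": m.group(2), "slots": {}}
            continue
        m = SLOT_RE.match(line)
        if m and current is not None:
            slot, model, hw, sw, status = m.groups()
            hosts[current]["slots"][int(slot)] = {"model": model, "hw": hw, "sw": sw, "status": status}
    return hosts

def version_mismatches(hosts):
    """Return (slot, model, {role: sw}) for every slot whose software differs between the units."""
    all_slots = set().union(*(h["slots"].keys() for h in hosts.values()))
    result = []
    for slot in sorted(all_slots):
        versions = {role: h["slots"].get(slot, {}).get("sw") for role, h in hosts.items()}
        if len(set(versions.values())) > 1:
            model = next(h["slots"][slot]["model"] for h in hosts.values() if slot in h["slots"])
            result.append((slot, model, versions))
    return result

if __name__ == "__main__":
    for slot, model, versions in version_mismatches(parse_failover(SAMPLE)):
        print(f"slot {slot} ({model}) software differs between units: {versions}")
```

Run it against a freshly captured `show failover` instead of SAMPLE to confirm both modules report the same version after the secondary has been re-imaged.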

5 Replies

Marvin Rhoads
Hall of Fame

It looks like you have the classic IPS module, not the CX.

Why can't you console into the second ASA? It has unique standby addresses you could use as well.

I thought the classic one was the actual physical module that slid into the old 5500 series devices and the CX was the software version for the X series devices?


I was able to finally log into the standby, but was thrown off when it had the hostname of the active unit. So I configured the prompt command to show active or standby within the hostname prompt.

On the older "non-X" platform, yes IPS was on an SSM Security Services Module (hardware).

On the next generation firewall 5500-X series we use software modules that can be imaged as:

1. IPS (classic style - very similar to the old hardware module),

2. CX (for WSE, AVC and/or next-generation IPS services), or

3. Firepower (IPS, URL Filtering and/or AMP Advanced Malware Protection) modules.

#1 is very near end-of-life and would not generally be recommended for new deployments. #2 was Cisco's thrust prior to the Sourcefire acquisition in 2013 and still a quite viable solution. #3 is generally recommended for new deployments, especially if the focus is on IPS capabilities.

We purchased new ones with Sourcefire for a new deployment, but these have been sitting for about a year and are now just being deployed. Is there a way to update the IPS? Is there a different SKU to purchase, and can you just slide in a new hard drive?

The physical SSD is the same on all the models 5512-X through 5555-X.

The 5585-X uses an SSP hardware blade in the /10, 20, 40 or 60 variant depending on required throughput.

To switch from classic IPS to FirePOWER (or CX) software module you need to update your licensing, replacing the IPS subscription service with Firepower.

All Cisco ASA with FirePOWER Services appliances ship with a base license for AVC (also known as Apps). Optional subscriptions for IPS, AMP, and URL and content filtering can be added to the base appliance configuration for advanced functionality.

The Cisco ASA with FirePOWER Services base configuration includes the Application Visibility and Control (AVC) function by default. This feature provides application identification and control of more than 3,000 applications, detected and classified by risk and business relevance. Customers require a Cisco SMARTnet support contract with each appliance to download application signature updates.

See the graphic attached below for more on that.

The licenses are actually loaded onto the controlling FirePOWER System Manager (FSM) which is an external VM or appliance. With that in hand you would then get the ASA to the prerequisite software level, re-image the software module and use first the bootstrap and then the system software to make the Firepower module up and ready. You run through a small setup script and then do all other operations from the FSM.

Hope this helps. Please mark your question as answered when it has been and rate helpful replies.
