Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IPS functionality addition on ASA5585-S40-K9

Hi,

I sold two quantity of ASA5585-S40-K9 to a customer. They are in HA configuration and running 9.1 software image. Now customer wants to have IPS functionality on these ASA devices. I need your help on following two points:

1. Can you please share the BOM to add the IPS functionality on these existing ASA devices?

2. Can the IPS functionality thus added work on Active-Active? Kindly help me understand.

 

Thank you.

Regards,

Ram

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Hello Ram,The IPS that will

Hello Ram,

The IPS that will be available on this platform is a software based so no module is needed.

You will be needing the license to enable the IPS on the ASA itself and then one license applied on the IPS for the signatures.

Then eveything else will be working the same as any ips module.

 

Regards,

 

Laura 

 

 

 

3 REPLIES
Community Member

Hello Ram,The IPS that will

Hello Ram,

The IPS that will be available on this platform is a software based so no module is needed.

You will be needing the license to enable the IPS on the ASA itself and then one license applied on the IPS for the signatures.

Then eveything else will be working the same as any ips module.

 

Regards,

 

Laura 

 

 

 

Community Member

Thank you Laura,  thanks

Thank you Laura,  thanks Hesam, appreciate your help.

Community Member

Hello everyone,As far as I

Hello everyone,

As far as I know the IPS funtionality in 5585-x is only supported through SSP modules and the mentioned model has this module installed in it. The license you need for the IPS funtionality for 1 year can be achieved through the following part number:

ASA5585-40-IP1Y=

You can use the following part number for signature update:

L-ASA5585-40-1SCA=

You can extend the time for IPS functionality up to 5 years and signature update up to 3 years.

Regarding A/A configuration, there is no obstacle and you can implement IPS functionality using virtual sensors.

Regards,

Hesam

 

115
Views
0
Helpful
3
Replies
CreatePlease to create content