We are managing an environment where currently we have 8 pairs of redundant 3750 switches in a distribution layer.
Access layer switches (2960's) about 200.
The 3750's are acting as L3 routers for traffic (connecting to a core, which we do not control) as well as providing Access-lists for security and traffic filtering between the pairs.
The ACL lines on some 3750's are reaching close to 4000 lines!! (as far as I can tell best practise is 2000max)
While we are in the process of optimizing and reducing ACL lines I am looking at an alternative of using an ASA to provide the filtering and security instead of the additional load we are currently putting on the switches.
Can anyone provide some advise on which model to use for this type of environment. Uptime is critical, the network cannot go down.
Comparisons show that the ASA 5515-X has better features and throughput in all aspects than the ASA5520. As well as being cheaper.
Can this ASA handle the ACL capacity in terms of rules and capacity for load?
And do the SSM modules provide more capacity to the ASA5520 or is it a functionality module?
Any assistance, advise or feedback will be appreciated.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...