Is ASA 8.0 ready for prime time yet?

jkeeffe · ‎09-26-2007

I'm getting ready to migrate our 3030 concentrator to an ASA5540 which came with 7.2 software. We will only be using the ASA for IPSec VPN (client and lan-2-lan) and SSL client access. No firewall useage at all as this will be in parallel with our main firewall.

Should I stick with 7.2 or is it recommended to move to 8.0 yet?

ajagadee · ‎09-26-2007

Hi,

7.2 has been out for a while and has gotten a lot of exposure in the field. So, if you do not need any new features in the 8.0 code, stick to 7.2 on the ASA. For example, if you need to turn on EIGRP on the ASA, then you have to go to 8.0.

Please refer the below release notes for new features.

http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/asarn80.html#wp229690

Personally, I am a person who likes to run a mature version unless I run into a software caveat or something that is fixed in the latest release.

I hope it helps.

Regards,

Arul

** Please rate all helpful posts **

Danilo Dy · ‎09-27-2007

Hi,

I agree with Arul. I've been using 7.2(2) in ASA and PIX for firewalling, IPSec VPN, SSL VPN, S2S VPN without any glitch. I have encountere a lot of problem with its predecessors though. In my experience, 7.2(2) is stable. However, it all depends on the feature that you need though.

Regards,

Dandy