Firewall Wizards mailing list archives
Re: Thoughts on the new Cisco ASA 5500 firewalls
From: Chris Byrd <cbyrd01 () gmail com>
Date: Thu, 19 May 2005 09:41:18 -0500
I just spoke with a Cisco sales rep about this. According to him, the ASA 5500 is running the same OS as the latest Pix FWs (7.0), with the other stuff bolted on top. It is also running the same ASICs as their IPS devices. That does make me feel a *little* better about this, but I do still need to eval one in person. Thanks for your input, - Chris On 5/19/05, Paul Melson <psmelson () comcast net> wrote:
Cisco is marketing the ASA 5500 appliances as PIX, VPN Concentrator, Secure IDS, and network anti-virus in a single box. Which leads me to believe that it's either brand-centric marketing hype gone overboard (caveat emptor), or that there is some actual code convergence. If the latter is true - which is not so impossible, since only the VPN 3K code needed porting to x86, PIX and Secure IDS have been there forever - then that should make Chris' decision pretty easy. If it's a PIX plus other possibly irrelevant, or at least out of scope features, buy the PIX. I've not had any experience with the ASA 5500 appliances, but I've been elbow deep in several other 'converged' security devices. It is my NSHO that when you combine several products, none of which are best-of-breed, into a single box, what you end up with is a box that does a lot of things, but none of them well AND can't scale or handle big loads. PaulM -----Original Message----- Subject: Re: [fw-wiz] Thoughts on the new Cisco ASA 5500 firewallsWhat are your thoughts on the new ASA from Cisco? Would the additional features (IPS, AV, integrated VPN, active-active failover) be worth the risk of being on the cutting-edge? Has anyone on the list worked with one yet?The only time I'd ever deploy a new-to-the-market product was if I had time to evaluate it personally. Do the new features outweigh the risk of having an upset or worse yet- unprotected client? Only you *and* the client can answer that. Their risk tolerance is probably the biggest piece of input you can have.
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Thoughts on the new Cisco ASA 5500 firewalls Chris Byrd (May 18)
- Re: Thoughts on the new Cisco ASA 5500 firewalls Paul D. Robertson (May 19)
- RE: Thoughts on the new Cisco ASA 5500 firewalls Paul Melson (May 19)
- Re: Thoughts on the new Cisco ASA 5500 firewalls ArkanoiD (May 20)
- Message not available
- Re: Thoughts on the new Cisco ASA 5500 firewalls Chris Byrd (May 19)
- Re: Thoughts on the new Cisco ASA 5500 firewalls Tichomir Kotek (May 20)
- Re: Thoughts on the new Cisco ASA 5500 firewalls ArkanoiD (May 20)
- Re: Thoughts on the new Cisco ASA 5500 firewalls Marcus J. Ranum (May 20)
- Message not available
- Re: Thoughts on the new Cisco ASA 5500 firewalls Marcus J. Ranum (May 21)
- Re: Thoughts on the new Cisco ASA 5500 firewalls Chris Byrd (May 24)
- RE: Thoughts on the new Cisco ASA 5500 firewalls Paul Melson (May 19)
- Re: Thoughts on the new Cisco ASA 5500 firewalls Paul D. Robertson (May 19)