Upgrade to CISCO ASA

I have CISCO PIX 515E with firewall version 6.3 and PDM version 3.0(1) at my two sites. We have site to site VPN. I want to upgrade those both sites to CISCO ASA. Below is my show vesion output. Could you please suggest me which ASA I should go for. And also , is there any specific features I will  require from the new ASA, typically IPSec VPN , SSL VPN any IPS requirements and so forth.
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB

0: ethernet0: address is 0009.7cb4.09bc, irq 10
1: ethernet1: address is 0009.7cb4.09bd, irq 11
2: ethernet2: address is 0002.b3a0.0b18, irq 5
Licensed Features:
Failover:           Enabled
VPN-DES:            Enabled
VPN-3DES-AES:       Enabled
Maximum Interfaces: 6
Cut-through Proxy:  Enabled
Guards:             Enabled
URL-filtering:      Enabled
Inside Hosts:       Unlimited
Throughput:         Unlimited
IKE peers:          Unlimited

This PIX has an Unrestricted (UR) license.

Serial Number: 406171466 (0x1835af4a)
Running Activation Key: 0x9f1d99ad 0xb62bf1af 0x1c1d3a40 0x3af39389
Configuration last modified by enable_15 at 10:24:04.623 UTC Tue Nov 11 2008

Who is Participating?
ricks_vConnect With a Mentor Commented:
I would definitely use asa 5505 based on your previous pix overview.
5510s are mostly used in the data centre. Just keep in mind ASA configs are slightly different compared to PIX.

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs               : 25
Inside Hosts                : Unlimited
Failover                    : Active/Active
VPN-DES                     : Enabled
VPN-3DES-AES                : Enabled
Security Contexts           : 5
GTP/GPRS                    : Disabled
VPN Peers                   : 250
WebVPN Peers                : 2

Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs                       : 3, DMZ Restricted
Inside Hosts                : Unlimited
Failover                    : Disabled
VPN-DES                     : Enabled
VPN-3DES-AES                : Enabled
VPN Peers                   : 10
WebVPN Peers                : 2
Dual ISPs                   : Disabled
VLAN Trunk Ports            : 0
Pete LongConnect With a Mentor Technical ConsultantCommented:
Hello lotusboy,

The chassis replacement for a PIX 515E is an ASA5510 - you if you have a DMZ you will need it with a Security Plus Licence


Pete LongTechnical ConsultantCommented:

scroll down a bit on this page for platforms and licenses  http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80402e39.html

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.