Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 504
  • Last Modified:

Cisco ASA 5505

I was wondering if anybody could give me some advice - there will be three servers (web/mail/TS) in a data centre, we are thinking of putting them behind ASA 5505 firewall - there won't be any local users and any VPN connections - all access will be from the outside - I'm comfortable in saying that ASA's 10000 concurrent connection limit would be fine.
As I understand it - ASA's 10 user limit is based on translation table what should be just fine in our case (6 static translations) - the only concern I have is performance.
Can anybody advise on it?

thanks

 
0
rxal
Asked:
rxal
  • 2
  • 2
1 Solution
 
lkravenCommented:
With no VPN in place, the ASA 5505 is capable of an aggregate 150Mbps.  I don't know the size of your uplink to the internet, but I suspect that you will saturate it well before the ASA will hit any bandwidth limitations.

The 10 "user" limit is based on the number of IP addresses behind the firewall, so you won't run into that as an issue either.

Transit time through the ASA 5505 is not much different from any other security appliance-- you will add a hop, but the box itself doesn't add much more latency than other firewall appliances that cost less than $10k.

It seems to me that the ASA is ideally suited for this particular use, IF you want to stay with Cisco.  If not, there are a variety of other good options, Fortinet and Juniper being two I favor, but once it's set up, they'll all be very good choices, the ASA 5505 included.
0
 
rxalAuthor Commented:
thanks lkraven - the servers will be on 100MBit/100Mbit uplink what I believe won't be of any problem

By the way are they much different to PIX firewalls in terms of setup?
 

0
 
lkravenCommented:
The ASA CLI continues to get more and more IOS like, but if you are familiar with how the Pix works, it is not very much different.
0
 
rxalAuthor Commented:
ok - the more IOS like the better for me as to be honest I didn't like the differences between PIX CLI and Routers CLI - thanks again
0

Featured Post

Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now