Cisco ASA 5505 Pre-Purchase Questions

Posted on 2012-09-18
Last Modified: 2013-11-29

I have a Pix 501 that I am thinking should get retired and upgrade to an ASA 5505.  Small shop of 10 computers four of which are servers.  I am looking at Ebay to save money (no deep pockets here !).

I am thinking of going with the security plus.  Why not ?  Better DMZ capabilities.  Might be over-kill in this situation but I would rather have the increased capabilities from the get go as it would probably be more expensive to add them later.  Agree ?

I think most of the 5505's come with 512 MB of RAM.  I have seen a couple at 1 GB.  Is 512 enough ?  I see you can buy DIMMs for these.  Has anyone every opened these up to add more memory ?  Flash seems to be 128 MB.

Anyone put a AIP-SSC-5 card in one of these ?  Looks like you can do a lot with it.  The $1200-1500 price tag is a little steep though.

Some listings have something like V09 when describing the product.  What exactly is that ?  Are there different iterations of the 5505 ?  I know it came out in 2006.

I see some Cisco routers or other gear have come out that they have privacy issues and auto-upgraded their firmware on them.  I have not heard that of this device.  Anyone heard similar comments of the 5505 ?

Anything you want to add go ahead.  I looked at SonicWall and WatchGuard but I don't know if I want a monthly fee for a firewall.  If I have problems programming I can get help so not afraid of working with the ASA.

Thanks for your assistance.  I am close to putting in an order !
Question by:pizzaman7
    LVL 34

    Accepted Solution


    DMZ need, if you want to publis serveres to internet, but if you buy this license (GPL price 750USD) only 10 computer able to communicata through the ASA, if you want more computer you need 10-50 or 10-UL upgrade

    512 MB RAM enough for the ASA, you not need more memory for the latast images....

    If you buy AIP-SSC-5 you need to bus SUSA for it to download the news update from cisco, why do you want to use it?

    Some devices caomses K8 images, they only accept DES, if you need 3DES (K9), you need a free license:

    Yes, it has autoupdate feature:
    Configuration > Device Management > System Image/Configuration > Auto Update

    I like ASA, but, Sonicwall is cheaper

    Author Comment

    AIP is going to be out of the question.  Can't afford it.  Looks cool but not a necessity.

    I never paid for the Cisco Software Assurance program so that is why the Pix I have is pretty out-of-date.  If you do that the ASA will be pretty cheap compared to the SonicWall !  Perhaps I should buy it and do a better job keeping an ASA up-to-date.

    I like the idea of programming a firewall myself and very big on privacy.  I don't know if I want the device tied closely to the manufacturer like SonicWall and WatchGuard seem to be to their devices.

    Thank you for your good information.

    Author Comment

    After doing some shopping I am thinking that I will go with a base model. The base handles 100 Mbps and I am currently on 12 Mbps. The base handles quite a few simultaneous connections so even if my media server gets bombarded I should be fine. Having only 10 machines won't matter as they are not all running at the same time anyway.

    I have to go to used unit to get a security plus license at a reasonable cost. A lot of sellers don't even know how old the units are and I am not comfortable taking a unit that might already have had a good amount of wear and tear. I will say that my Pix has been running 24x7x365 for seven years and may be I reset it 12 times in that span.

    I can't see myself going to crazy with vlans or trunking. I can have a DMZ if I choose.

    I might as well save the money and buy a new unit around $300 !

    Author Closing Comment

    Thanks !

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now