Firewall Wizards mailing list archives
Re: Cisco ASA and FWSM
From: "Douglas C. Stephens" <stephens () ameslab gov>
Date: Thu, 26 Apr 2007 08:09:45 -0500
There is also a difference in performance and price. The ASA 5500 line are external standalone devices with, for the most part, the capabilities of a VPN 3000 concentrator built-in. The packet throughput is about what you'd expect from a standalone device with Gig-E interfaces, say around 600 Mb/s. Also, the CPU engine in the ASA 5500 series is faster than what you find in a PIX. An FWSM on the other hand is, as has been said, an ASA on a blade. These don't generally come with VPN concentrator capabilities. However, they can take about 5.5 Gb/s of aggregated throughput in 1 Gb/s streams. Part of this enhanced performance comes from the fact that they hook directly into the backplane of a Cisco 6500 switch. I believe a Sup720 supervisor is also required. At 05:00 PM 4/25/2007, Avishai Wool wrote:
AFAIK the FWSM is essentially a PIX 7.x that is stuck inside a catalyst switch chassis. and an ASA is a PIX 7.x that is bundled with some other (non-firewall) security functions . the configuration language was 99.9% compatible between the ASA and the FWSM, at least as of PIX 7.0. I'm not sure if Cisco kept the code-bases evolving in sync - there were a few months in which FWSM was shipping but PIX 7.0 was not released yet... In my opinion, the main differences are "form factor" and pricing. If all you need is a firewall then you don't care about the other things the ASA may do. If you already have a Catalyst with an empty expansion bay - it may be convenient to get a FWSM (e.g. less rack-space). HTH, Avishai On 4/13/07, Kimberly Fields <kimberlymfields () gmail com> wrote:Can anyone tell me what, if any, are the differences between the Cisco ASA firewall features and the Cisco FWSM firewall features? _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards-- Avishai Wool, Ph.D., Cell: +972-52-333-0052 Co-founder and Chief Technical Officer http://www.algosec.com ******* Firewall Management Made Smarter ****** _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
-- Douglas C. Stephens | Network/DNS/Unix/Windows Administrator System Support Specialist | Postmaster / Webmaster Information Systems | Phone: (515) 294-6102 Ames Laboratory, US DOE | Email: stephens () ameslab gov _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Cisco ASA and FWSM Kimberly Fields (Apr 24)
- Re: Cisco ASA and FWSM Avishai Wool (Apr 26)
- Message not available
- Re: Cisco ASA and FWSM Douglas C. Stephens (Apr 26)
- Message not available
- Re: Cisco ASA and FWSM kevin horvath (Apr 27)
- Re: Cisco ASA and FWSM Avishai Wool (Apr 26)
- Re: Cisco ASA and FWSM Security Guy (Apr 26)
- Re: Cisco ASA and FWSM D Sharp (Apr 30)
- Re: Cisco ASA and FWSM kluivert (Apr 30)