Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Question on Cisco ASA's... do all the features slow it down?

From: "Brett Cunningham" <cssniper22 () gmail com>
Date: Wed, 5 Dec 2007 14:07:55 -0600
The IPS feature does slow it down. Of course the more you do with the
packets, the slower it will get. I'd still recommend the ASA with the
SSM though. For the 5510, here is the specs:

Feature

Firewall throughput      Up to 300 Mbps

Concurrent threat mitigation throughput (firewall + IPS services)
 • Up to 150 Mbps with AIP-SSM-10
• Up to 300 Mbps with AIP-SSM-20


VPN throughput           Up to 170 Mbps

(see: http://www.cisco.com/en/US/products/ps6120/products_data_sheet0900aecd802930c5.html)


If 150 Mbps is okay, go with the SSM-10. Otherwise, the SSM 20 hardly
slows it down.

I think the ASA is a huge leap from the PIX and would suggest the ASA
over the PIX.



On 12/4/07, John G. <isaac737 () gmail com> wrote:

hello list,

we are currently running Cisco PIX 515E's with 128 Megs of RAM.  the problem
is their CPU's are getting up to high 80% usage.  gone through a bunch of
troubleshooting things and i think it is just time to upgrade.

my question is do the IDS/IPS features of the ASA make it kinda slow?  i
would hate to have us upgrade to these devices just to find us in the same
spot.  what do people think of the ASA's as compared to the vaunted PIX?

we were thinking of getting this model: Cisco ASA5510-SEC-BUN-K9

thanks much,
jg


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: