Cisco ASA 5512

Kalpesh Devmurari · ‎04-04-2017

Hello Everyone,

I am running with Cisco ASA 5512 hardware with Firewall, VPN and IPS functionality. Just wanted to check if I can add other security features like Anti-Virus, Anti-Spam, Web & App filtering, WAF to the device. Not sure how to integrate Firepower functionality with my Cisco ASA 5512 without making any changes in hardware. I want to implement all security features.

Please advise.

LSF · ‎05-04-2017

Hi,

you must un-install your IPS module - reinstall the SFR module which will give you Firepower services for ASA. You can then keep the VPN functionality as you will still have your ASA running as before. Then you will have the ability to run URL filtering, NG-IPS, and AMP(advanced malware protection).

second option is to wait for the FTD 6.2.1 release coming with is the new consolidated image with also includes remote access VPN.

Hope that answers your question.

/Linda

Samer R. Saleem · ‎05-09-2017

hi,

you can use get TAM, TAMC license which is used for advanced malware protection and the latter one for URL filtering as well, but it wont work as anti-virus, you need to have distributed layers of security

for example

client antivirus

server antivirus

email security

firewall or Next generation firewall

plus many security features that need your proactive approach to enable and use.

good luck

Dennis Perto · ‎05-10-2017

The only hardware change you need to install Firepower is an addition of a 120GB SSD drive.