Replace PIX515E for ASA 5520?

C

Carlosinfl

Loves the juice
Joined
Sep 25, 2002
Messages
6,633
I currently have a PIX 515E as my corporate Firewall and it is doing fine however someone just said they purchased a ASA 5520 and have never even turned it on. Now I am getting ready to enable VPN on the PIX with LDAP authentication to my AD server. I am wondering if you guys feel it is worth me moving my Firewall from the 515E to the ASA 5520?

Thanks for any suggestions...
 
What pix software version are you running? this could be simple or a pain in the butt.

The 5520 is a darn good device, i would be tempted to switch if it was no cost lol
 
k1pp3r said:
What pix software version are you running? this could be simple or a pain in the butt.

The 5520 is a darn good device, i would be tempted to switch if it was no cost lol
Click to expand...
IMO, it's a no brainer. The 515E has been end-of-lifed, the ASA are the replacements. ASAs are quite a bit nicer than the PIX's as well. I would do it in a heart-beat. Plan it out, do some preliminary testing and you should be good.
 
supergper said:
IMO, it's a no brainer. The 515E has been end-of-lifed, the ASA are the replacements. ASAs are quite a bit nicer than the PIX's as well. I would do it in a heart-beat. Plan it out, do some preliminary testing and you should be good.
Click to expand...

With the client environments i have, i would do it in a heartbeat also, i was just thinking that depending on his current business needs and uptime needed. Sometimes people don't wanna change if something is working.
 
Thanks all. I checked in ASDM and it tells me my "PIX Version = 7.2(4)"

I don't know if that means IOS version or what. It looks like I will be moving everything over to the ASDM since it is a free piece of equipment and all I have to do is purchase support for the appliance.
 
Carloswill said:
Thanks all. I checked in ASDM and it tells me my "PIX Version = 7.2(4)"

I don't know if that means IOS version or what. It looks like I will be moving everything over to the ASDM since it is a free piece of equipment and all I have to do is purchase support for the appliance.
Click to expand...

It should have all the licensing you need, but just make sure it will handle all your clients
 
k1pp3r said:
With the client environments i have, i would do it in a heartbeat also, i was just thinking that depending on his current business needs and uptime needed. Sometimes people don't wanna change if something is working.
Click to expand...
I understand that but, IMO, that attitude (don't replace it if it's working) is what causes a lot of problem environments. You know the environments that have the really old equipment no one knows about and they don't dare touch because no one knows anything about it and it's always just worked so no one has had to do anything with it :D
 
supergper said:
I understand that but, IMO, that attitude (don't replace it if it's working) is what causes a lot of problem environments. You know the environments that have the really old equipment no one knows about and they don't dare touch because no one knows anything about it and it's always just worked so no one has had to do anything with it :D
Click to expand...

Like the dual P3 docstar server running 2000 server i just replaced, lol

Yeah i know what you mean, but there are still a lot of people that support PIX, i get cisco support on one all the time for the one 505 i still have out there.

I love having the new equipment, but i'm in a high enough position in my company to say we need it and get it, lol. Most people have bosses that just don't let them
 
k1pp3r said:
Like the dual P3 docstar server running 2000 server i just replaced, lol

Yeah i know what you mean, but there are still a lot of people that support PIX, i get cisco support on one all the time for the one 505 i still have out there.

I love having the new equipment, but i'm in a high enough position in my company to say we need it and get it, lol. Most people have bosses that just don't let them
Click to expand...
.
;)
 
supergper said:
I understand that but, IMO, that attitude (don't replace it if it's working) is what causes a lot of problem environments. You know the environments that have the really old equipment no one knows about and they don't dare touch because no one knows anything about it and it's always just worked so no one has had to do anything with it :D
Click to expand...

That's a nightmare of mine. We just shedded a whole slew of old Compaq Proliants which even a few had Pentium Pros! They were test machines, but still... Our oldest desktop, on the other hand, has a Pentium D 925. :)
 
/thread digress

We had some old Proliant Novell boxes that hadn't been booted in like 5 years. Needless to say we had to ensure we had spares when we moved from one building to the other. That was a very interesting time because we all let out a collective sigh of relief when they powered back up. :D
 
You must log in or register to reply here.
Back
Top