So, we have an ASA at work and as the main network person I get the task of deciphering its current configuration and eventual modifications and troubleshooting. Everyone is new and as far as I know the device had its current configuration applied elsewhere and shipped here so I'm pretty much on my own. I'm not complaining as gaining firewall exposure and experience is high on my list of skills to have.
But since I don't have anyone else to learn from and the device (and access to the device) is in a room I don't have access to without an escort, there's no way to regularly review and parse its configurations. Plus a production device is not a good device to learn on as we all know!
I had planned on (eventually) getting the NP:Security (and IE:Security) but had held off on choosing hardware/emulation until that time came for obvious reasons, but with the need to learn now I need to consider what options I have. These things are EXPENSIVE though. 5510s on eBay are about $250 if I remember correctly (and are EoL), and 5506s are around $400. I looked into the ASR1000v but unfortunately it looks like that requires a service contract for download. Finally, I remember GNS3 is able to load an ASA image, but last time I did it (several years ago) it was a bit problematic, as you had to run a cpu-limiter and spend several minutes each boot to apply a license I believe. Are there any other options that are cheaper and/or easier to work with? The most expensive piece of lab equipment I've purchased so far has been about $70-80 so dishing out 3-5x that amount makes me cringe.
For books, the
ASA All-in-One book has received high recommendations, so barring replies suggesting better material, I'll be using that along with whatever "hardware" I get.
