ASA 5505 instead of a 5510?

RoguetadhgRoguetadhg CompTIA A+, Network+.Member Posts: 2,489 ■■■■■■■■□□
So Im looking to buy an ASA. I bought the CCNA:Security lab manual (1.1). It's using the ASA 5510.

Do you think I can get away with using the 5505?


I've searched on the websites for the differences- but all I can discern is that the 5510 has an IPS module. ...which in all fairness isn't any different than what the OCG is telling me.

The difference (used) is just $1000. Ya know. icon_rolleyes.gif

Edit: Comparison- http://www.cisco.com/en/US/products/ps6120/prod_models_home.html



Cisco ASA 5500 Series1

Part Number



Cisco ASA 5505 Appliance with 10-User Firewall License, 8 FE

ASA5505-BUN-K9



Cisco ASA 5505 Appliance with 50-User Firewall License, 8 FE

ASA5505-50-BUN-K9



Cisco ASA 5505 Appliance with SW, Unlimited Users, 8 FE

ASA5505-UL-BUN-K9



Cisco ASA 5505 Appliance with Unrestricted Firewall License, Security Plus, 8 FE

ASA5505-SEC-BUN-K9



Cisco ASA 5510 Appliance with 5FE

ASA5510-BUN-K9



Cisco ASA 5510 Appliance with Security Plus, 2GE, 3FE

ASA5510-SEC-BUN-K9


In order to succeed, your desire for success should be greater than your fear of failure.
TE Threads: How to study for the CCENT/CCNA, Introduction to Cisco Exams

Comments

  • drkatdrkat Banned Posts: 703
    No real difference except the license and IPS and supported vpn connections but for labbing a 5505 is fine..
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,746 ■■■■■■■■■■
    As I understand it, the 5505 is fine for the CCNA:Security.
  • RouteMyPacketRouteMyPacket Member Posts: 1,104
    As I understand it, the 5505 is fine for the CCNA:Security.


    I agree, I am going the security route and asked this same question and even though I will purchase a 5510 (later 2) the the consensus is that a 5505 will carry you through CCNA-S, only in the later stages will you require 5510 for multi context, IDS/IPS/HA

    Someone please correct me if I am off base with that assumption.
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
  • RoguetadhgRoguetadhg CompTIA A+, Network+. Member Posts: 2,489 ■■■■■■■■□□
    It makes sense, RouteMyPacket.

    On the certificationkit site, they list the 5505 under their "premium" ccna kit.

    For the CCSP, a 5510, 5505 and a PIX 506. Although, I'm not sure if they've updated the CCSP kit as it's "CCNP:Security" now.
    In order to succeed, your desire for success should be greater than your fear of failure.
    TE Threads: How to study for the CCENT/CCNA, Introduction to Cisco Exams

  • spiderjerichospiderjericho CCNA, CCNP Enterprise, CISSP, CASP, SEC+, Pentest+, CYSA+, CISA, CGEIT, CRISC, CISM, VCP 6.7 San DiegoRegistered Users, Member Posts: 869 ■■■■■□□□□□
    Doesn't the 5510 and up have a specific type of failover/redundancy that is tested on the CCNP Security? Couldn't you just use GNS3?
  • spiderjerichospiderjericho CCNA, CCNP Enterprise, CISSP, CASP, SEC+, Pentest+, CYSA+, CISA, CGEIT, CRISC, CISM, VCP 6.7 San DiegoRegistered Users, Member Posts: 869 ■■■■■□□□□□
    Here's a comparison off the Cisco site:

    Cisco ASA 5500 Series Adaptive Security Appliances Compare Models - Cisco Systems

    It seems like you'd probably run into issues with CCNP Security, possibly the Firewall and IPS. I know of people who just used GNS3.

    Nothing wrong with buying one to play with but if you plan on moving up it'll probably make more sense to use GNS3 or a rack rental.
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    I bit the bullet today and bought the ASA 5505 - Looking forward to this!
  • SteveO86SteveO86 Member Posts: 1,423
    GNS3 cannot run any of the newer ASA code, only 8.0(2) -If I remember correctly.

    A 5505 will be good for CCNA-S, with the CCNP-S the 5505 doesn't cut it because of the High Available (Active/Standby requirements)

    The new CCNP-S track focuses on ASA 8.4 code - For FIREWALLv2 and VPNv2 exams. So PIX is not covered on CCNP-S nowadays.
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • spiderjerichospiderjericho CCNA, CCNP Enterprise, CISSP, CASP, SEC+, Pentest+, CYSA+, CISA, CGEIT, CRISC, CISM, VCP 6.7 San DiegoRegistered Users, Member Posts: 869 ■■■■■□□□□□
    They have 8.4 and ASDM running on GNS3. Just did a Google and have seen numerous threads on several forums.

    I recall a thread on this forum in which someone passed the firewall exam recently using simply GNS3.

    I wouldn't be surprised of they somehow get IOS 15 on this resilient program.
  • IristheangelIristheangel CCIEx2 (Sec + DC), CCNP RS, CCNA V/S/R/DC, CISSP, CEH, MCSE 2003, A+/L+/N+/S+, and a lot more from m Pasadena, CAMod Posts: 4,133 Mod
    I got lucky. We ordered a 5505 for a site that didn't end up using it so I have it sitting on my desk at work for play. I doubt I'll get that lucky if I go the CCNP:Security route and need some more hardware.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    ^ The benefits of being a Network Engineer I suppose :)

    I briefly looked away from the computer screen as I selected 'place order' for a device that cost nearly as much as my entire current lab...
  • IristheangelIristheangel CCIEx2 (Sec + DC), CCNP RS, CCNA V/S/R/DC, CISSP, CEH, MCSE 2003, A+/L+/N+/S+, and a lot more from m Pasadena, CAMod Posts: 4,133 Mod
    I didn't really originally count on it. I ended up buying this before the ASA 5505 landed in my lap. It's not bad:
    ProfSIMS Cisco Simulator Main Page (NetworkSims.com)
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • RoguetadhgRoguetadhg CompTIA A+, Network+. Member Posts: 2,489 ■■■■■■■■□□
    Where did you order your 5505, YFZblue?
    Irish is just a show off. I mean, look at all those CIW certs! She'll be able to javascript whole NES games by the time Christmas comes!

    As far as doing ASA on the GNS3, it has problems working. I just don't want a matter of "It doesn't work because of GNS3"!

    I got the CCNA:Security Version 1.1 lab manual. It's calling for the 5510, whereas the book, the 5505 is what's used. Arrr Matey!
    In order to succeed, your desire for success should be greater than your fear of failure.
    TE Threads: How to study for the CCENT/CCNA, Introduction to Cisco Exams

  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,746 ■■■■■■■■■■
    I feel the same way about running an ASA through GNS3. I'm waiting for a good deal on eBay. Does anyone know of a simulator for the ASA5510s?
  • RoguetadhgRoguetadhg CompTIA A+, Network+. Member Posts: 2,489 ■■■■■■■■□□
    Iris' link is pretty darn spectacular. It lists PIX & ASA. But I've never used it, so I don't know how close it is. Needless to say, I have high hopes.
    In order to succeed, your desire for success should be greater than your fear of failure.
    TE Threads: How to study for the CCENT/CCNA, Introduction to Cisco Exams

  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Roguetadhg wrote: »
    Where did you order your 5505, YFZblue?
    Irish is just a show off. I mean, look at all those CIW certs! She'll be able to javascript whole NES games by the time Christmas comes!

    As far as doing ASA on the GNS3, it has problems working. I just don't want a matter of "It doesn't work because of GNS3"!

    I got the CCNA:Security Version 1.1 lab manual. It's calling for the 5510, whereas the book, the 5505 is what's used. Arrr Matey!

    I ended up going the Amazon route. My wife is an accountant for a reseller, so my future purchases will have some type of employee discount hopefully :) Unfortunately she just started at this place and really didn't feel comfortable asking yet.
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,746 ■■■■■■■■■■
    Roguetadhg wrote: »
    Iris' link is pretty darn spectacular. It lists PIX & ASA. But I've never used it, so I don't know how close it is. Needless to say, I have high hopes.

    I'm wondering how much it can do ASA wise. I'm noticing that it focuses on the PIX.

    @Iris: Please tell us if this lets us use ASA5510 features? It looks neat for sure.
  • RouteMyPacketRouteMyPacket Member Posts: 1,104
    They have 8.4 and ASDM running on GNS3. Just did a Google and have seen numerous threads on several forums.

    I recall a thread on this forum in which someone passed the firewall exam recently using simply GNS3.

    I wouldn't be surprised of they somehow get IOS 15 on this resilient program.

    Yes, I am running the latest SW in GNS3 for ASA, no problem
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    I was looking into the IPS module to insert into the 5505 - Well over $1,000 - Woof!
  • SteveO86SteveO86 Member Posts: 1,423
    YFZblu wrote: »
    I was looking into the IPS module to insert into the 5505 - Well over $1,000 - Woof!

    They are now EOL/EOS I beleive so the prices should drop on them soon enough.
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • BroadcastStormBroadcastStorm Member Posts: 496
    Here's the features enabled on the ASA 5505 security license, and one of them is for active/standby.

    There are key gen to get security plus if you only have base license.
    Licensed features for this platform:

    Maximum Physical Interfaces : 8 perpetual
    VLANs : 20 DMZ Unrestricted
    Dual ISPs : Enabled perpetual
    VLAN Trunk Ports : 8 perpetual
    Inside Hosts : Unlimited perpetual
    Failover : Active/Standby perpetual
    VPN-DES : Enabled perpetual
    VPN-3DES-AES : Enabled perpetual
    AnyConnect Premium Peers : 2 perpetual
    AnyConnect Essentials : Disabled perpetual
    Other VPN Peers : 25 perpetual
    Total VPN Peers : 25 perpetual
    Shared License : Disabled perpetual
    AnyConnect for Mobile : Disabled perpetual
    AnyConnect for Cisco VPN Phone : Disabled perpetual
    Advanced Endpoint Assessment : Disabled perpetual
    UC Phone Proxy Sessions : 2 perpetual
    Total UC Proxy Sessions : 2 perpetual
    Botnet Traffic Filter : Disabled perpetual
    Intercompany Media Engine : Disabled perpetual

    This platform has an ASA 5505 Security Plus license.
  • Toney_1819Toney_1819 Member Posts: 8 ■□□□□□□□□□
    Gns3 uses asdm and asa 8.4 as well.
  • QHaloQHalo Member Posts: 1,488
    Wow, they changed CCNA Security around huh? ASA's were not needed when I took this.
  • shufflahshufflah Registered Users Posts: 3 ■□□□□□□□□□
    How did you find that networksims.com package iris? that looks like rather good value for those of us after a CCNA:Security. Cheaper that just the ASA 5505 let alone the rest of the lab.
Sign In or Register to comment.