Home
Certification Preparation
Cisco
CCNA & CCENT
CCNA Security
Purchasing an ASA for the CCNA:Security
veritas_libertas
Is there a particular model that I should be looking for when purchasing an ASA 5505?
Find more posts tagged with
Comments
SecurityThroughObscurity
there is no need real asa for exam.
veritas_libertas
That's not what I'm asking. I want to know what is suggested.
According to the CCNA Security 640-554 Exam Topics it does indeed include ASA configuration:
I realize I could just use GNS3, but I want the actual hardware.
640554.JPG
dover
Veritas,
I bought a (new) 5505 (base license) while doing the CCNP Security track and I don't regret it at all. It was kind of pricey, but since I got the Smartnet contract I was able to download what I needed from Cisco.com - like additional plug-ins for the SSL VPN portal page, Anyconnect client packages, etc.
I'm glad they expanded the CCNA Sec to include the ASA...I think you'll enjoy it! For the CCNA Sec, the basic 5505 should be fine. When you get to the CCNP Sec material you'll definitely need higher models, but you can go the GNS3 route or rack-rental.
Good luck!
Dover
Bundiman
The only thing to remember is that the 5505 is switch based and all other ASAs are interface based. Other then the interfaces they are configured the same.
veritas_libertas
Dover,
I haven't been able to get a clear answer from a Google search, does GNS3 run the 5510 image? I assume I would need some 5510s to do the CCNP Security track?
Bundiman
yes you can find it out there you just have to look
RouteMyPacket
CCNA - 5505 should suffice
CCNP, CCIE - Dual 5510 w/ Security Plus (multiple contexts, failover etc)
When it comes to Security, i'm racking DUAL 5510's in my lab. It's far from cheap and while I have configured an ASA in GNS3, i'm not sure how stable it would be overall when it got time to really dig deep into labbing with it.
YFZblu
I used the base model and license for my CCNA: Sec studies, it worked fine.
wintermute000
For CCNP I'd still say 5505s are fine. I spun up unstable ASAs in GNS3 to practice multi context/failover. For the rest of it 5505s are fine. (then again I have done multi context and failover before in real life).
CCIE of course you'll need the real thing w/ multi context and failover.
RouteMyPacket
I've now got my first 5510 w/ Security Plus racked in now.
veritas_libertas
I went ahead and picked up a 5505 for less than $300 + free shipping. Nice deal.
dover
Veritas,
You can do the lion's share of the CCNP Firewall and VPN stuff on your 5505 PLUS you get real hands on experience. One way I learned was to wipe the 5505 to factory configs at the end of every day. I'd come in the next day and rebuild a config - one day with CLI, the next with the ASDM - really makes it stick when you've got to configure it before you can get to work/Internet
I believe GNS3 is emulating 5520's. They are buggy for certain things and they are CPU & RAM intensive - particularly if you are running a couple of XP/7 workstation VMs along with an ACS server and some routers.
If you've got the funds, 5510's w/Sec plus is definitely the way to go. I'm jealous of RouteMyPacket's 2 x 5510's. I'm probably not going to end up going for CCIE Security mainly because of the cost involved in doing it right - unless I switch jobs to a Cisco partner, not likely.
Good luck with the CCNA: S
veritas_libertas
@Dover
: Thanks for the advice. Depending on how things go I would like eventually go down the CCNP:Security path.
ajmatson
You wont regret, I used a Physical ASA 5505 for the CCNA Security as well and it was more than enough. For the CCNP Security I am using Virtual ASA 5520's in GNS 3 and so far have worked fine but I don't regret having the Physical ASA 5505 to really have that hands on feel.
wintermute000
You only need real 5510s for failover and virtual contexts. Both can be easily practiced in GNS3 where the flakiness doesn't matter. I had no issues with CCNP Sec using that approach (real 5505s for 95% of it, GNS3 for failover/virtual context).
heikis
im in a dilemma:
buy a used ASA5510-BUN-K9 for USD 460
or buy an ASA5505-SEC-BUN-K9 for USD 230
It will be mostly used for self-study purposes. I dont mind paying the price for asa5510- but does the price seem fair?
if you say it's a bargain i probably would grab it.
Ivanjam
$460 is a great deal for a working 5510 and I wouldn't pay more than $200 for a used 5505.
heikis
well i managed negotiate the price and got the asa5510 for $420.
MickQ
Very nice. I didn't bother getting an ASA for the CCNA:S because I've a couple of base 5520s at work.
I found that even with my limited use of them, that was more than enough for the exam on that side of things.
spiderjericho
I was just looking on the Bay and $420 is a great deal on a 5510.
i want to pursue the CCNP Security, I just don't want to plink down $1,500-$2,000 for the 5510 and will probably just use old GNS3.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
