Wow, Cisco ASA with FirePOWER Services is so popular. Cisco updated its ASA with FirePOWER Services, adding new ASA series such as 5506H-X, 5506W-X and 5516-X.
In the former article we talked about NGFW-Cisco ASA with FirePOWER Services and the new Cisco ASA 5506-X. Only a month later, the Cisco ASA 5500-X series with FirePOWER Services has new members of 5506H-X, 5506W-X and 5516-X, which makes us excited. It’s said that Cisco ASA 5506W-X is more powerful. It simplifies SMB networking, because variants of the desktop model are available with an integrated wireless access point-the ASA 5506W-X.
In order to provide the Advanced Security service for Small and Midsized Organizations and Distributed Enterprises, Cisco NGFWs feature both Advanced Malware Protection (AMP) and next-generation IPS (NGIPS). The newest additions to the Cisco ASA with FirePOWER Services NGFW family are tailor-made for small and medium businesses (SMB) and branch office applications, delivering integrated threat defense, low procurement and operating costs, and simplified security management.
The solution is available in both desktop (5506-X) and 1RU rack-mount (5508-X, 5516-X) form factors. Variants of the desktop model are available with an integrated wireless access point (5506W-X) to simplify SMB networking.
A ruggedized appliance (5506H-X) is specifically designed for industrial control systems and critical infrastructure applications. It features an extended operating temperature range and is available for desktop or DIN rail1, rack or wall mount deployment.
Take a Look: The Main Features of Cisco ASA 5506-X, 5506W-X, 5506H-X, 5508-X, and 5516-X with FirePOWER Services
Compare Models: ASA 5506-X /SecurityPlus vs. 5506W-X vs. 5506H-X
| Cisco ASA Model | ASA 5506-X / Security Plus | ASA 5506W-X | ASA 5506H-X |
| Stateful Inspection throughput (max1) | 750 Mbps | – | – |
| Stateful Inspection throughput (multiprotocol2) | 300 Mbps | – | – |
| Maximum application control (AVC) throughput | 250 Mbps | 250 Mbps | 250 Mbps |
| Maximum AVC and NGIPS throughput | 125 Mbps | 125 Mbps | 125 Mbps |
| Maximum Concurrent sessions | 20,000/50,000 | 20,000/50,000 | 50,000 |
| Maximum new Connections per second | 5,000 | 5,000 | 5,000 |
| Application control (AVC) or NGIPS sizing throughput [440 byte HTTP]3 |
90 Mbps | 90 Mbps | 90 Mbps |
| Packets per second (64 byte) | 246,900 | – | – |
| Maximum 3DES/AES VPN throughput4 | 100 Mbps | – | – |
| Maximum Site-to-site and IPsec IKEv1 client VPN user sessions4 (requires Security Plus license) | 10 / 50 | – | – |
| Maximum Cisco AnyConnect® or Clientless VPN User Sessions5(AnyConnect/Apex license required) | 2 / 50 | – | 50 |
| Cisco Cloud Web Security users | 275 | – | – |
| VLANs | 5 / 30 | 5 / 30 | 30 |
| High-availability support6 | A/S* | – | – |
| Integrated I/O | 8 x 1 Gigabit Ethernet (GE) | – | – |
| Expansion I/O | Not available | – | – |
| Dual power supplies | Not available | – | – |
| Power | AC only | – | – |
1 Maximum throughput with UDP traffic measured under ideal test conditions
2 Multiprotocol = Traffic profile consisting primarily of TCP-based protocols or applications like HTTP, SMTP, FTP, IMAPv4, BitTorrent, and DNS.
3Activating more features will change performance.
4 VPN throughput and maximum sessions depend on the ASA device configuration and VPN traffic patterns, including average packet size. These elements should be taken into consideration as part of your capacity planning. Throughput represents the maximum possible IPsec throughput. The maximum number of users may be limited by your throughput requirements.
5 Requires AnyConnect Plus or Apex license. An Apex license is required for clientless VPN. See the AnyConnect Ordering Guide for details. The maximum number of users may be limited by your throughput requirements.
ASA 5508-X vs. ASA 5512-X
| Product | ASA 5508-X | ASA 5512-X |
| Features | ||
| Maximum application control (AVC) throughput | 450 Mbps | 300 Mbps |
| Maximum AVC and IPS throughput | 250 Mbps | 300 Mbps |
| Maximum concurrent sessions | 1,00,000 | 1,00,000 |
| Maximum new connections per second | 10,000 | 10,000 |
| AVC or IPS sizing throughput [440-byte HTTP]2 | 180 Mbps | 100 Mbps |
| Supported applications | ||
| URL categories | ||
| Number of URLs categorized | ||
| Centralized configuration, logging, monitoring, and reporting |
1Higher specifications are associated with the Security Plus license.
2 Activating more features will change performance
Cisco ASA 5500-X with FirePOWER Services Capabilities and Capacities
More model Comparison you can refer to page https://www.cisco.com/c/en/us/products/security/asa-5500-series-next-generation-firewalls/models-comparison.html
More Related Cisco ASA FirePOWER Services Topics
How to Start a Cisco ASA 5506-X?
