+ Reply to Thread
Results 1 to 25 of 25
  1. Matrix(Config)# Roguetadhg's Avatar
    Join Date
    Jan 2012
    Location
    SC
    Posts
    2,380

    Certifications
    #Cisco: NA #CompTIA: A.N.S
    #1

    Default ASA 5505 instead of a 5510?

    So Im looking to buy an ASA. I bought the CCNA:Security lab manual (1.1). It's using the ASA 5510.

    Do you think I can get away with using the 5505?


    I've searched on the websites for the differences- but all I can discern is that the 5510 has an IPS module. ...which in all fairness isn't any different than what the OCG is telling me.

    The difference (used) is just $1000. Ya know.

    Edit: Comparison- http://www.cisco.com/en/US/products/...dels_home.html

    Cisco ASA 5500 Series1 Part Number
    Cisco ASA 5505 Appliance with 10-User Firewall License, 8 FE ASA5505-BUN-K9
    Cisco ASA 5505 Appliance with 50-User Firewall License, 8 FE ASA5505-50-BUN-K9
    Cisco ASA 5505 Appliance with SW, Unlimited Users, 8 FE ASA5505-UL-BUN-K9
    Cisco ASA 5505 Appliance with Unrestricted Firewall License, Security Plus, 8 FE ASA5505-SEC-BUN-K9
    Cisco ASA 5510 Appliance with 5FE ASA5510-BUN-K9
    Cisco ASA 5510 Appliance with Security Plus, 2GE, 3FE ASA5510-SEC-BUN-K9
    Last edited by Roguetadhg; 09-25-2012 at 04:33 PM.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Aug 2011
    Posts
    683

    Certifications
    CCNA/CCNA:V/ATSA-IN
    #2
    No real difference except the license and IPS and supported vpn connections but for labbing a 5505 is fine..
    Reply With Quote Quote  

  4. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #3
    As I understand it, the 5505 is fine for the CCNA:Security.
    Currently working on: Resting
    Reply With Quote Quote  

  5. Senior Member RouteMyPacket's Avatar
    Join Date
    Aug 2012
    Location
    Dallas
    Posts
    1,077

    Certifications
    CCWKIA (Cisco Certified Wannabe Know It All)
    #4
    Quote Originally Posted by veritas_libertas View Post
    As I understand it, the 5505 is fine for the CCNA:Security.

    I agree, I am going the security route and asked this same question and even though I will purchase a 5510 (later 2) the the consensus is that a 5505 will carry you through CCNA-S, only in the later stages will you require 5510 for multi context, IDS/IPS/HA

    Someone please correct me if I am off base with that assumption.
    Reply With Quote Quote  

  6. Matrix(Config)# Roguetadhg's Avatar
    Join Date
    Jan 2012
    Location
    SC
    Posts
    2,380

    Certifications
    #Cisco: NA #CompTIA: A.N.S
    #5
    It makes sense, RouteMyPacket.

    On the certificationkit site, they list the 5505 under their "premium" ccna kit.

    For the CCSP, a 5510, 5505 and a PIX 506. Although, I'm not sure if they've updated the CCSP kit as it's "CCNP:Security" now.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #6
    Doesn't the 5510 and up have a specific type of failover/redundancy that is tested on the CCNP Security? Couldn't you just use GNS3?
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #7
    Here's a comparison off the Cisco site:

    Cisco ASA 5500 Series Adaptive Security Appliances Compare Models - Cisco Systems

    It seems like you'd probably run into issues with CCNP Security, possibly the Firewall and IPS. I know of people who just used GNS3.

    Nothing wrong with buying one to play with but if you plan on moving up it'll probably make more sense to use GNS3 or a rack rental.
    Reply With Quote Quote  

  9. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #8
    I bit the bullet today and bought the ASA 5505 - Looking forward to this!
    Reply With Quote Quote  

  10. Senior Member SteveO86's Avatar
    Join Date
    Oct 2010
    Location
    FL
    Posts
    1,405

    Certifications
    CCNP, CCIP, CCDP, CCNP: Security/Data Center, CCNA Wireless, CWNA, WCNA
    #9
    GNS3 cannot run any of the newer ASA code, only 8.0(2) -If I remember correctly.

    A 5505 will be good for CCNA-S, with the CCNP-S the 5505 doesn't cut it because of the High Available (Active/Standby requirements)

    The new CCNP-S track focuses on ASA 8.4 code - For FIREWALLv2 and VPNv2 exams. So PIX is not covered on CCNP-S nowadays.
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #10
    They have 8.4 and ASDM running on GNS3. Just did a Google and have seen numerous threads on several forums.

    I recall a thread on this forum in which someone passed the firewall exam recently using simply GNS3.

    I wouldn't be surprised of they somehow get IOS 15 on this resilient program.
    Reply With Quote Quote  

  12. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,677

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #11
    I got lucky. We ordered a 5505 for a site that didn't end up using it so I have it sitting on my desk at work for play. I doubt I'll get that lucky if I go the CCNP:Security route and need some more hardware.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
    Reply With Quote Quote  

  13. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #12
    ^ The benefits of being a Network Engineer I suppose

    I briefly looked away from the computer screen as I selected 'place order' for a device that cost nearly as much as my entire current lab...
    Reply With Quote Quote  

  14. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,677

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #13
    I didn't really originally count on it. I ended up buying this before the ASA 5505 landed in my lap. It's not bad:
    ProfSIMS Cisco Simulator Main Page (NetworkSims.com)
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
    Reply With Quote Quote  

  15. Matrix(Config)# Roguetadhg's Avatar
    Join Date
    Jan 2012
    Location
    SC
    Posts
    2,380

    Certifications
    #Cisco: NA #CompTIA: A.N.S
    #14
    Where did you order your 5505, YFZblue?
    Irish is just a show off. I mean, look at all those CIW certs! She'll be able to javascript whole NES games by the time Christmas comes!

    As far as doing ASA on the GNS3, it has problems working. I just don't want a matter of "It doesn't work because of GNS3"!

    I got the CCNA:Security Version 1.1 lab manual. It's calling for the 5510, whereas the book, the 5505 is what's used. Arrr Matey!
    Reply With Quote Quote  

  16. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #15
    I feel the same way about running an ASA through GNS3. I'm waiting for a good deal on eBay. Does anyone know of a simulator for the ASA5510s?
    Currently working on: Resting
    Reply With Quote Quote  

  17. Matrix(Config)# Roguetadhg's Avatar
    Join Date
    Jan 2012
    Location
    SC
    Posts
    2,380

    Certifications
    #Cisco: NA #CompTIA: A.N.S
    #16
    Iris' link is pretty darn spectacular. It lists PIX & ASA. But I've never used it, so I don't know how close it is. Needless to say, I have high hopes.
    Reply With Quote Quote  

  18. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #17
    Quote Originally Posted by Roguetadhg View Post
    Where did you order your 5505, YFZblue?
    Irish is just a show off. I mean, look at all those CIW certs! She'll be able to javascript whole NES games by the time Christmas comes!

    As far as doing ASA on the GNS3, it has problems working. I just don't want a matter of "It doesn't work because of GNS3"!

    I got the CCNA:Security Version 1.1 lab manual. It's calling for the 5510, whereas the book, the 5505 is what's used. Arrr Matey!
    I ended up going the Amazon route. My wife is an accountant for a reseller, so my future purchases will have some type of employee discount hopefully Unfortunately she just started at this place and really didn't feel comfortable asking yet.
    Reply With Quote Quote  

  19. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #18
    Quote Originally Posted by Roguetadhg View Post
    Iris' link is pretty darn spectacular. It lists PIX & ASA. But I've never used it, so I don't know how close it is. Needless to say, I have high hopes.
    I'm wondering how much it can do ASA wise. I'm noticing that it focuses on the PIX.

    @Iris: Please tell us if this lets us use ASA5510 features? It looks neat for sure.
    Last edited by veritas_libertas; 09-25-2012 at 07:26 PM.
    Currently working on: Resting
    Reply With Quote Quote  

  20. Senior Member RouteMyPacket's Avatar
    Join Date
    Aug 2012
    Location
    Dallas
    Posts
    1,077

    Certifications
    CCWKIA (Cisco Certified Wannabe Know It All)
    #19
    Quote Originally Posted by spiderjericho View Post
    They have 8.4 and ASDM running on GNS3. Just did a Google and have seen numerous threads on several forums.

    I recall a thread on this forum in which someone passed the firewall exam recently using simply GNS3.

    I wouldn't be surprised of they somehow get IOS 15 on this resilient program.
    Yes, I am running the latest SW in GNS3 for ASA, no problem
    Reply With Quote Quote  

  21. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #20
    I was looking into the IPS module to insert into the 5505 - Well over $1,000 - Woof!
    Reply With Quote Quote  

  22. Senior Member SteveO86's Avatar
    Join Date
    Oct 2010
    Location
    FL
    Posts
    1,405

    Certifications
    CCNP, CCIP, CCDP, CCNP: Security/Data Center, CCNA Wireless, CWNA, WCNA
    #21
    Quote Originally Posted by YFZblu View Post
    I was looking into the IPS module to insert into the 5505 - Well over $1,000 - Woof!
    They are now EOL/EOS I beleive so the prices should drop on them soon enough.
    Reply With Quote Quote  

  23. Senior Member BroadcastStorm's Avatar
    Join Date
    Mar 2009
    Posts
    486

    Certifications
    CCNP/CCNA: R&S | MCSE 2003 | MCTS | BSCS
    #22
    Here's the features enabled on the ASA 5505 security license, and one of them is for active/standby.

    There are key gen to get security plus if you only have base license.
    Licensed features for this platform:

    Maximum Physical Interfaces : 8 perpetual
    VLANs : 20 DMZ Unrestricted
    Dual ISPs : Enabled perpetual
    VLAN Trunk Ports : 8 perpetual
    Inside Hosts : Unlimited perpetual
    Failover : Active/Standby perpetual
    VPN-DES : Enabled perpetual
    VPN-3DES-AES : Enabled perpetual
    AnyConnect Premium Peers : 2 perpetual
    AnyConnect Essentials : Disabled perpetual
    Other VPN Peers : 25 perpetual
    Total VPN Peers : 25 perpetual
    Shared License : Disabled perpetual
    AnyConnect for Mobile : Disabled perpetual
    AnyConnect for Cisco VPN Phone : Disabled perpetual
    Advanced Endpoint Assessment : Disabled perpetual
    UC Phone Proxy Sessions : 2 perpetual
    Total UC Proxy Sessions : 2 perpetual
    Botnet Traffic Filter : Disabled perpetual
    Intercompany Media Engine : Disabled perpetual

    This platform has an ASA 5505 Security Plus license.
    Reply With Quote Quote  

  24. Junior Member
    Join Date
    Dec 2010
    Location
    Central Virginia
    Posts
    8

    Certifications
    CCNA Security,CCNA, Security+, Project+
    #23
    Gns3 uses asdm and asa 8.4 as well.
    Reply With Quote Quote  

  25. DoWork
    Join Date
    Jun 2010
    Location
    A major Illinois hospital system near you
    Posts
    1,468

    Certifications
    vExpert, VCAP5-DCA/DCD, VCP5-DCV, VCIX-NV, VCP-NV, BSTM
    #24
    Wow, they changed CCNA Security around huh? ASA's were not needed when I took this.
    Reply With Quote Quote  

  26. Junior Member Registered Member
    Join Date
    Jun 2011
    Location
    Cardiff, UK
    Posts
    3

    Certifications
    CCENT
    #25
    How did you find that networksims.com package iris? that looks like rather good value for those of us after a CCNA:Security. Cheaper that just the ASA 5505 let alone the rest of the lab.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks