Friday, May 31, 2013

ASA 5505, 5510 Base Vs. Security Plus License


The two smallest ASA Firewall models, the ASA 5505 and the Cisco 5510, are the only ones that have two types of licenses. They can be ordered either with a Base License or a Security Plus License.


Many customers of mine are always asking me what the difference is between the two licenses (except from the price of course), so I thought it would be useful to summarize below the differences between the two license types:
Base License
Security Plus License
10,000 Maximum Firewall Connections
25,000 Maximum Firewall Connections
10 Maximum VPN Sessions (site-to-site and remote access)
25 Maximum VPN Sessions (site-to-site and remote access)
3 Maximum VLANs (Trunking Disabled)(2 regular zones and 1 restricted zone that can only communicate with 1 other zone)
20 Maximum VLANs (Trunking enabled)(No restrictions of traffic flow between zones)
No High Availability (failover) supported
Supports Stateless Active/Standby failover

Base License
Security Plus License
50,000 Maximum Firewall Connections
130,000 Maximum Firewall Connections
5×10/100Integrated Network Interfaces
2×10/100/1000 and3×10/100
Integrated Network Interfaces
50 Maximum VLANs
100 Maximum VLANs
No High Availability (failover) supported
Supports Active/ActiveandActive/Standby failover
No Security Contexts (Virtual Firewalls)
Supports 2 Virtual Firewalls (included) and 5 maximum.
No Support for VPN Clustering and VPN Load Balancing
Supports VPN Clustering and VPN Load Balancing

More Cisco ASA Info and Tips:

No comments:

Post a Comment