( 6 reviews )
-
Posted: Mar 8 2009
Pros: * Very stable. Many home and even business grade Firewalls will occasionally start acting up and have to be rebooted, but the ASA is completely solid. * 8 port switch w/ 2 PoE ports is great for things like IP Phones and Wireless Access Points. * AnyConnect SSL VPN with 2 client licenses included is a great value. This lets me access my home network from work, despite them requiring a proxy server. * Supports Spanning Tree and Rapid Spanning Tree, allowing you to build redundant uplinks to STP compatible switches. * 256 MB RAM and 128 MB of flash is plenty of Memory for future software. * Tons of VPN options - Straight IPSec, DMVPN, L2TP, SSL, AnyConnect, etc. The IPSec VPN is support on the iPhone, so it's pretty cool to be able to access my home network from my phone. Cons: * High learning curve, especially if you don't have previous experience with Cisco PIX or routers. Even using the Java-based ASDM, it can take a few hours of training to find your way. Also, ASDM is not compatible with the latest version of Java (you'll get an 'unconnected sockets' message). * Only supports 1 internal VLAN with default license. This is fine for most setups, but disappointing since the Cisco routers will do at least 2 VLANs. It prevents, for example, having separate VLANs for voice and wireless, or creating a DMZ. * No built-in Wireless option. Check out the 870 or 1800 routers if this is important. Adding a Wireless AP is easy though, especially with the PoE ports. * No support for DHCP reservations. I like to configure Servers and Printers this way, and can't find any good reason Cisco wouldn't support it like they do on their routers and Layer 3 switches. Summary - A great value as a SOHO Firewall and VPN Appliance. The ASA 5505 is priced the same as the PIX 501 was, but adds 2 PoE ports and SSL VPN Capabilities. The biggest drawbacks I can see are the high learning curve, no built-in Wireless, and lack of DHCP reservations. Before purchasing, you'll probably want to take a look at the 870 series routers since they may be a better choice depending on your requirements.
-
Posted: Feb 14 2009
I've worked with these units since they came out. They have really progressed with the new code updates and offer all the features of the higher end firewalls (like the 5510), but for a small business price. The only thing to be careful of is all the licensing. Research what you need before purchasing. I am looking forward to when they add an IPS and/or wireless module into it. Make sure you go to Cisco.com and download the latest ASA and ASDM images. My only gripe about this unit is that I wish the switch port was gigabit.
-
Posted: Aug 15 2008
I've used everything from ipchains on a bsd server, to sonicwall, to netscreen, to the ASA. The ASA is very powerful, and features a friendly intuitive interface for new users (ASDM). The integrated switch and power-over-ethernet ports are a great bonus.
