On Monday, September 12, 2011 01:28:22 AM Nick Hilliard
wrote:
> well, yes and no. NPUs are fine but they aren't CPUs and
> you'll never get the flexibility of a CPU-forwarded box
> on NPU based hardware, at least not at a comparable
> price point.
That's why I said "decent-enough", which, of c
On 10/09/2011 04:51, Mark Tinka wrote:
> Fodder for the ASR1000 BU.
>
> The box certainly has the tech. to be a decent-enough firewall, and is
> obviously a router by all accounts.
well, yes and no. NPUs are fine but they aren't CPUs and you'll never
get the flexibility of a CPU-forwarded box on
On Saturday, September 10, 2011 01:16:31 AM Nick Hilliard
wrote:
> i'm tending to run a local ospf instance on the fw-router
> link and then redistributing from ospf->bgp on the
> next-hop router. Really it would be much better to have
> fw support for bgp, but the ASA is such an enterprise
> bo
On 09/09/2011 16:51, Colin Whittaker wrote:
> This exact limitation is why everytime I deploy firewalls these days
> there tends to be some form of L3 switch on either side just so I have
> something to run BGP on and just do eBGP multihop across the ASA.
i'm tending to run a local ospf instance o
Hi,
On Fri, Sep 09, 2011 at 11:33:37AM -0400, Matthew Huff wrote:
> > Just last week I had a customer call due to weird issues with "passive
> > FTP is not working right"... but indeed that might have been an older
> > firmware release.
>
> Hmm, would it happen to have including a NetBSD or OpenB
On Fri, Sep 09, 2011 at 05:23:59PM +0200, Gert Doering wrote:
> > 1) It now does dynamic routing (RIP, OSPF, EIGRP)
>
> ... but still no BGP, which is undoubtly *the* routing protocol that you
> want to use if you don't trust your neighbours (due to much better filtering
> support) - and "firewall
> To: Matthew Huff
> Cc: 'Gert Doering'; 'Jay Nakamura'; 'cisco-nsp'
> Subject: Re: [c-nsp] ASA vs ISR ZBFW
>
> Hi,
>
> On Fri, Sep 09, 2011 at 11:17:39AM -0400, Matthew Huff wrote:
> > I understand where this comes from, but the ASA is a bit
Hi,
On Fri, Sep 09, 2011 at 11:17:39AM -0400, Matthew Huff wrote:
> I understand where this comes from, but the ASA is a bit more modern then the
> "PIXen".
>
> 1) It now does dynamic routing (RIP, OSPF, EIGRP)
... but still no BGP, which is undoubtly *the* routing protocol that you
want to use
ther.net [mailto:cisco-nsp-
> boun...@puck.nether.net] On Behalf Of Gert Doering
> Sent: Friday, September 09, 2011 11:05 AM
> To: Jay Nakamura
> Cc: cisco-nsp
> Subject: Re: [c-nsp] ASA vs ISR ZBFW
>
> Hi,
>
> On Fri, Sep 09, 2011 at 01:31:06AM -0400, Jay Nakamura wrote:
Hi,
On Fri, Sep 09, 2011 at 01:31:06AM -0400, Jay Nakamura wrote:
> I have been wondering lately, what advantages do ASA have over ISR as
> a firewall on the low end? As just one stand alone firewall, what
> features are there for ASA that distinguishes itself? Often, I rather
> have an ISR over
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jay Nakamura wrote:
> I have been wondering lately, what advantages do ASA have over ISR as
> a firewall on the low end? As just one stand alone firewall, what
> features are there for ASA that distinguishes itself? Often, I rather
> have an ISR over
I have been wondering lately, what advantages do ASA have over ISR as
a firewall on the low end? As just one stand alone firewall, what
features are there for ASA that distinguishes itself? Often, I rather
have an ISR over an ASA so I have more flexibility in a budget
environment.
ASA5505-SEC-BU
12 matches
Mail list logo