[c-nsp] pix upgrade
Adam Greene
maillist at webjogger.net
Mon Nov 8 11:39:26 EST 2010
Hi!
Time to upgrade our PIX-515-UR-BUNs ... so sad. After 10 years they seem
like an institution on our network.
Anyways, trying to size out the replacement ... we only see a peak of
about 12,000 pps through the units. One unit reports maximum connections
of 140,000, the other about 48,000 (they are located on different
segments of the network). We only need about (3) interfaces on the units
(2 of them as gig ports is fine). Very little VPN use. Only need them to
pass up to around 100Mbps traffic (45Mbps now, 100Mbps later on if we
grow).
I guess based on these values, we should be looking at an ASA5520-BUN-K9
for the 140,000 connections replacement unit, and an ASA5510-SEC-BUN-K9
as the 48,000 connections replacement. Sound about right?
I guess just looking for a sanity check more than anything else. The
determining factor in our decision seems to be the # of connections the
units can handle (ASA5520-BUN-K9 can do 280,000 and the
ASA5510-SEC-BUN-K9 only 130,000).
Thanks,
Adam
More information about the cisco-nsp
mailing list