We currently run an ASA in transparent mode with multiple contexts, but also utilize the built-in IPS (SFR module). With Cisco moving away from ASA's (and the ASA OS no longer supporting IPS functionality), I'm told by Cisco that if I want a transparent firewall, I'll have to buy a Firepower Threat Defense and run ASA OS on it, then I'll have to buy a second FTD and run FXOS on it for IDPS functionality... seems like a waste of hardware.
Have any of you looked at alternatives to Cisco ASA that have IPS included?
I'm looking for something with some centralized management as we have these ASAs deployed across 30+ sites.
No comments:
Post a Comment