Thursday, September 20, 2018

Any advantage I'm getting using an ASA/Firepower module here?

So I have a building with only probably 20 people at a time really going out on the internet through this firewall. Right now it's a Fortigate 310B, which is pretty old and crashed on us last week. It's mostly just filtering who can hit the static route to the WAN, and a few other devices that connect into it, and a couple other pretty basic policies to block a few things.

I have some spare Fortigates, but I saw that my predecessor had acquired an ASA 5515-X with a Firepower license (just protection/control, no FireSIGHT). Honestly, overkill, but I figured I would take it as a chance to learn ASA/ASDM/Firepower as I have virtually no experience with it.

Well holy crap. Fortigates have a few weird things, but they are pretty dead simple once you know where everything is. This ASA has been one of the deepest learning curves, from installing the ASA module, licensing it, figuring out how management works, routing traffic to it. That's all without figuring out exactly how to translate the configurations over from the old device.

Looking over it, I really don't see a ton of advantage I get with the ASA. ASDM is okay but feels in dire need of an interface update (I've heard it might even be going away). The responsibility line between the ASA and Firepower is really blurry, and the Firepower module doesn't appear to give much advantage, at least that I can tell (seems just like slightly more user control and filter intelligence).

Am I totally off? Not sure if anyone has used both an ASA and a Fortigate.
