Menu

US Region

Grandmetric LLC
Lewes DE 19958
16192 Coastal Hwy USA
EIN: 98-1615498
+1 302 691 94 10
info@grandmetric.com

EMEA Region

GRANDMETRIC Sp. z o.o.
ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43
info@grandmetric.com

UK

Grandmetric LTD
Office 584b
182-184 High Street North
London
E6 2JA
+44 20 3321 5276
info@grandmetric.com

  • en
  • pl
  • End of life for Cisco ASA 5500

    What to expect? When to migrate? How to support ASA 5500-X?

    End-of-life for Cisco ASA 5500-X [Updated]

    Date: 20.03.2023

    Author:


    In this post, I am going to focus on recent End-of-Life announcements for Cisco ASA 5500-X products. I will elaborate on what EoL means, what are the consequences, and how to proceed when EoL affects your infrastructure. Then, how Grandmetric can help in such a scenario.

    What do EoL and EoS mean for Cisco products?

    On February 1st, 2021, Cisco announced the EoL for the popular 5516-X and 5508-X series, including Cisco ASA 5506, 5508, 5512-X, 5515-X, 5516-X, 5525, 5545, 5585 (second generation, or “X” generation).

    Why am I recalling this today?

    End of Life is not a single date. It’s a process of withdrawing a hardware product from the market. In most cases, it takes several years to do so. Recently, I explained how the hardware lifecycle works in a separate article.

    As far as Cisco is concerned, the migration of ASA 5500 series to newer solutions is going to continue through the year 2023 even up to 2026.

    End of Life, end of story

    I grew up with Cisco ASA (and PIX) :). One of the legends about it was that once you deploy ASA you could just forget the firewall issues. That was a legend of ASA stability. Good old ASAs then transformed into Next-Generation firewalls. ASA 5500-X with the SFR modules became popular after the acquisition of Source Fire by Cisco Systems. After a few years of the ASA X series popularity, Firepower appliances appeared on the horizon.

    Cisco ASA 5500-X Series with FirePOWER Services - Cisco
    ASA 5500-X series – a long history that is coming to an end

    Some of the EoLs might not have as much impact on your environment as the ASA5500 line does. The popular Internet Edge, VPN, and DC firewalls still play a critical role in many organizations. They serve a variety of functions. Starting from stateful filtering, the VPN remote access, WAN connectivity, or application control with the SFR managed by the FMC appliance.

    EoL for ASA and what next?

    What next? Cisco used to propose migration options for the EoL hardware lines. For the popular models, Cisco suggests:

    Please be aware, that the above suggestions (despite coming from Cisco migration options) may not always be taken as gospel. Your IT environment can change. The performance and stack of functions may also be different today than a few years ago when you used to order the ASA series. So please read the last section describing the choices you have.

    Cisco Firepower 2100 Series 2110, 12x Gb LAN od PLN 26516,95 (2021) |  Porównanie cen Cenowarka.pl Polska
    Cisco Firepower 2100 Series

    How Grandmetric can help when the date is close?

    First of all, Grandmetric engineers are always keen to talk and consider different options. They are related to your business case, technical objectives, and preferences.

    Secondly, because network security is burned into our Team DNA, we all have experience in Cisco firewalls. We do the migrations of large-scale (critical) DCs, Internet Edges, HA clusters, VPNs. And we still maintain large production networks running on ASAs. Because of the above, you can expect real advice coming from our practical expertise.

    We will put some light on the functionalities you might lose or gain as well as on the performance you might need now or in the future, depending on environment dynamics and specs. We will update you with licensing changes and migration options.

    Try before you buy – guided testing 

    A Proof of Concept project is what we recommend when migration is not an option but a necessity. Followed by technical counselling, PoC most often proves both pros and cons of particular solutions. Therefore, it’s much easier to make an informed decision once you run them. And guided testing is exactly what we can support you with.

    Get trained

    Do not be afraid of new solutions. If you prefer guided learning, you can find useful content for free in our knowledge base. The ASA and Firepower course is one of the top-scored training in our portfolio.

    https://www.grandmetric.com/2018/02/01/cisco-asa-asa-firepower-services-training-agenda/

    Contact Grandmetric pre-sales for free consulting to see how your organization can efficiently deal with ASA end of life.

    Author

    Marcin Bialy

    Marcin Biały is Network and Security Architect with over 14 years of experience, with Service Provider and Enterprise networking background. He used to work for large service providers, global vendors and integration services companies as Network Architect, Leading Architect and Techincal Solution Manager positions. He designed, implemented and supported dozens large scale projects and infrastructure migrations, solved hundreds of tickets and spent hours with CLI and GUI of many flavors. Marcin is also holding industry recognizable certificates such as CCNP, CCNA, CCSI #35269, FCNSP #7207, FCNSA and more.

    Leave a Reply

    Your email address will not be published. Required fields are marked *


    Which firewall to choose?

    We compared the key parameters of high-performance firewalls for small and medium businesses. Download to better choose the right equipment.

    Download
    Grandmetric