Every once in a while I will have a student in one of my classes who is an employee of Cisco Systems. When questioned by curious fellow students as to either forthcoming products or enhancements to current ones, the standard reply is often “…it’s on the roadmap”. Over the years I’ve come to conclude that this means “count on it”.
Almost a year ago, someone asked if Intrusion Prevention capability was going to be added to the ASA 5580. The answer to that question then was, “it’s on the roadmap”. Now, the answer is the ASA 5585-X, shown below with an ASA 5540 model resting on top of it.
As you can see, the ASA 5585-X is a 2 RU appliance. What is not readily apparent from the photo, however, is that the terminology used to describe the embedded components has changed. Whereas the older (and now clearly mid-range) appliances have Security Services Modules (SSMs), the 5585 uses Security Service Processors (SSPs). There is a core SSP which comes standard, but the IPS SSP is optional.
With the inclusion of the highest end model IPS SSP, the 5585-X with the SSP-60 has capabilities equal to the ASA5580-40 in maximum connections and VPN sessions and exceeds the 5580 in overall packets per second, connections per second, and encryption throughput as shown in the models comparison. Note that with the IPS SSP-60 the overall throughput is a whopping 10Gbps! What is surprising to this author, however, is that the maximum security context count is still only 50.
Now, let me offer some interesting observations on the new platform.
- There are vacant bays for the inclusion of hard disk drives
- An eject button is present on the chassis but not functional; it is described “for future use” to support Online Insertion & Removal (OIR)
- The dual power supplies and the fans are hot swappable
- USB ports are also present on this model, but not currently functional
With its impressive overall rates and robust hardware (the SSP has a dual CPU and the 5585 can be supplied with as much as 72GB of memory), the 5585-X seems ideally suited to a campus or data center environment.