[Date Prev][Date Next][Thread Prev][Thread Next][Thread Index]

Re: [fw1-gurus] Query regarding ASA multiple security context Vs checkpoint VSX

It sounds like ASA has a bit less functionality than VSX. VSX does everything that you mentioned ASA does, as well as VPN and dynamic routing.
On IPSO at least, ipsrd (routing daemon) runs in separate instances to 
provide OSPF for example.
VSX and any other security virtualization technology requires deep 
technical understanding of network topology, management best practices, 
redundancy etc. If you don't have these in your organization, 
outsourcing the management of virtual systems to a reseller might be the 
best solution.
I am sure that Check Point Sales has presentations and technical write 
ups of the differences between Cisco's ASA technologies compared to VSX, 
you should contact them.

Gopi Krishna S (gopis) wrote:
Hi Gurus,

I’ve a query regarding the multiple context mode functionality in ASA comparing with CheckPoints VSX.
In ASA multiple-context mode You can partition a single security 
appliance into multiple virtual devices, known as
security contexts. Each context is an independent device, with its own 
security policy, interfaces, and administrators.
Multiple contexts are similar to multiple standalone devices. Many 
features are supported in multiple context mode,
which include routing tables, firewall features, IPS, and management. 
Some features are not supported, which include
VPN and dynamic routing protocols.

Does this is same as CheckPoint VSX which allows to create virtual systems?? And
Which other CheckPoint’s security appliances support this multiple 
security contexts??
Your help is highly appreciated in this regard.

Thank You.


Gopi Krishna.S


fw1-gurus mailing list
[email protected]
fw1-gurus mailing list
[email protected]