Cisco ASA 5505 Image Cisco ASA 5510 Image
CISCO ASA 5505 CISCO ASA 5510

The two smallest ASA Firewall models, the 5505 and the 5510, are the only ones that have two types of licenses. They can be ordered either with a Base License or a Security Plus License. Many customers of mine are always asking me what the difference is between the two licenses (except from the price of course), so I thought it would be useful to summarize below the differences between the two license types:

Cisco ASA 5505

Base License

Security Plus License

10,000 Maximum Firewall Connections 25,000 Maximum Firewall Connections
10 Maximum VPN Sessions (site-to-site and remote access) 25 Maximum VPN Sessions (site-to-site and remote access)
3 Maximum VLANs (Trunking Disabled)(2 regular zones and 1 restricted zone that can only communicate with 1 other zone) 20 Maximum VLANs (Trunking enabled)(No restrictions of traffic flow between zones)
No High Availability (failover) supported Supports Stateless Active/Standby failover

Cisco ASA 5510

Base License

Security Plus License

50,000 Maximum Firewall Connections 130,000 Maximum Firewall Connections
5×10/100Integrated Network Interfaces 2×10/100/1000 and3×10/100

Integrated Network Interfaces

50 Maximum VLANs 100 Maximum VLANs
No High Availability (failover) supported Supports Active/Active andActive/Standby failover
No Security Contexts (Virtual Firewalls) Supports 2 Virtual Firewalls (included) and 5 maximum.
No Support for VPN Clustering and VPN Load Balancing Supports VPN Clustering and VPN Load Balancing

Tagged with:

Filed under: Cisco ASA General

Like this post? Subscribe to my RSS feed and get loads more!