Networks Training

ASA 5505,5510 Base Vs Security Plus License

Cisco ASA 5505 Image Cisco ASA 5510 Image
CISCO ASA 5505 CISCO ASA 5510

The two smallest ASA Firewall models, the 5505 and the 5510, are the only ones that have two types of licenses. They can be ordered either with a Base License or a Security Plus License. Many customers of mine are always asking me what the difference is between the two licenses (except from the price of course), so I thought it would be useful to summarize below the differences between the two license types:

Cisco ASA 5505

Base License

Security Plus License
10,000 Maximum Firewall Connections 25,000 Maximum Firewall Connections
10 Maximum VPN Sessions (site-to-site and remote access) 25 Maximum VPN Sessions (site-to-site and remote access)
3 Maximum VLANs (Trunking Disabled)(2 regular zones and 1 restricted zone that can only communicate with 1 other zone) 20 Maximum VLANs (Trunking enabled)(No restrictions of traffic flow between zones)
No High Availability (failover) supported Supports Stateless Active/Standby failover

Cisco ASA 5510

Base License

Security Plus License
50,000 Maximum Firewall Connections 130,000 Maximum Firewall Connections
5×10/100Integrated Network Interfaces 2×10/100/1000 and3×10/100

Integrated Network Interfaces
50 Maximum VLANs 100 Maximum VLANs
No High Availability (failover) supported Supports Active/Active andActive/Standby failover
No Security Contexts (Virtual Firewalls) Supports 2 Virtual Firewalls (included) and 5 maximum.
No Support for VPN Clustering and VPN Load Balancing Supports VPN Clustering and VPN Load Balancing

Comments

  1. Hi,

    a 5510 with base license was already purchased, can i purchase a license and upgrade it to Sec Plus?

  2. Joseph,

    Yes absolutely. When you purchase the new license, Cisco will send you a new license code which you can configure it in the ASA 5510 (with command line configuration) and it will enable you all Sec Plus features.

  3. Hi,

    Does the 5510 Security Plus have the same capabilities as the 5520 VPN Plus?

    How can I compare it?

    Thanks a lot!

  4. The security plus for 5510 and the VPN plus license are two different things. The VPN plus license on 5520 is to double the VPN capacity of the box to support up to 750 concurrent VPN connections

  8. Karen,
    ASA5505 base license supports 3 vlans: inside, outside, and dmz. The dmz vlan can only initiate traffic to ONE of the other two vlans but not to both.

  9. hi. how many site to site vpn supported on asa 5510 with security plus license ?

  10. I don’t remember exactly but I think is supports at least 20-30 site to site

Leave a Reply

Your email address will not be published. Required fields are marked *

About Networks Training

We Provide Technical Tutorials and Configuration Examples about TCP/IP Networks with focus on Cisco Products and Technologies. This blog entails my own thoughts and ideas, which may not represent the thoughts of Cisco Systems Inc. This blog is NOT affiliated or endorsed by Cisco Systems Inc. All product names, logos and artwork are copyrights/trademarks of their respective owners.

Suggested Cisco Training

CISCO CERTIFICATION TRAINING
CISCO CCNA 200-120 TRAINING
CCNA SECURITY 640-554 TRAINING
CCENT ICND1 TRAINING
CISCO ICND2 TRAINING
CISCO CCNP TRAINING