Newer ASA Memory warning

Started by dlots, February 24, 2016, 10:16:03 AM

Previous topic - Next topic

deanwebb

Talked with Cisco today. Yes, those resources are reserved for SourceFire. The throughput rates and other things not associated with RAM and CPU are still valid for all their gear, but those RAM and CPU resources are reserved. It's that way on all NGFW models, regardless of vendor, it seems. It's just that in a Cisco box, you have the option of whether or not you get the SourceFire module.

That being said, there really ought to be documentation of the fact that the ASA is going to hit a memory limit with or without SourceFire that is at 50% of the total RAM on the system.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

Dieselboy

Quote from: deanwebb on March 02, 2016, 07:11:13 PM
That being said, there really ought to be documentation of the fact that the ASA is going to hit a memory limit with or without SourceFire that is at 50% of the total RAM on the system.

Yes, it's misleading. If someone is speccing out firewalls they could look at the stated RAM and may not realise they would actually be getting half of that.

dlots

Quote from: Dieselboy on March 02, 2016, 10:04:50 PM
Yes, it's misleading. If someone is speccing out firewalls they could look at the stated RAM and may not realise they would actually be getting half of that.

Yep that's us, our 5512x can't take anymore RAM and it's out of free RAM, we are going to have to buy new Firewalls.