GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: building the security rack ASA 5505s do the trick? posted 01/06/2008
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Hi,
* darth router wrote:
Are there any major limitations I would face if I used 2
5505s with the basic license in my security rack?

As already suggested by other people, the 5505 is too limited to lab up more advanced features. By this, I especially refer to security contexts in combination with failover.


If you really want the hardware but dont want to buy a pair of 5510, perhaps a pair of used PIX 515(E) is a cheaper alternative. You can do some rack rentals to get familiar with WebVPN, or use the 5505 with base license.

I suppose I could just use Qemu and emulate them, but I would like to have
the hardware. Any tips?

Its nice to have all boxes there for real, but in my home lab, I had a 5505 (Sec+ license), a VPN concentrator and one 3750 switch only (all borrowed). The rest was done with dynamips, pemu and vmware


http://www.internetworkpro.org/wiki/CCIE_Security_Home_Lab_with_dynamips_%26_Co


I could play with all the technologies - like PIX/ASA multiple contexts and failover (pemu), transparent firewall and VPN (5505 only for WebVPN). Such a home lab is great in the first phase of lab preparation, when you need to dive into every topic, and later if you need clarification on a topic that bugs you.


For the 'full lab scenario workbook phase': if you need to buy lots of hardware now, compare it with the costs for rack rentals. Even by having a home lab and being able to map workbook vendors topology to it (interesting first but annoying task later), I did rack rentals. You dont want to fight problems within your home lab topology anymore when you are in the last phase of lab preparation. I invested about $1000 into rack rentals over 3 months (~250 hours); I think a single 5505 is already ~$500.

After all, my suggestion is that if you cannot afford a full hardware security lab (like most people): Build something that helps you to understand all the major technologies, invest wisely in *some* hardware, but do the full scale labs on real (rented) hardware.

Good luck!


Christian (#19533)