Hello all, first time posting something here (I think). I was wondering if anyone could enlighten me on the difference between the Cisco ASA 5505 and Linksys E3000, as far as Firewall protection is concerned. Is the ASA 5505 somehow more robust in stopping attacks? I'm not paranoid, but I work for someone that is convinced the ASA needs to be in place. Thanks for the replies!

6 Years
Discussion Span
Last Post by smferoz

The ASA 5505 is a business class firewall that has a lot more flexibility when it comes to configuration. With that flexibility comes a very big learning curve if you've not used an ASA before. Not that it's rocket science, but a beginner will get frustrated with the command line quickly.

The ASA does a lot that the linksys can't do. The ASA can handle deep packet inspection and run fixups for things like DNS, SQLnet, etc to handle the NATing quirks for those protocols. The ASA can run static nats and port forwarding internally to various machines with access list control to really get detailed about what's allowed.

The ASA has support for the IPSEC VPN client and the SSL Anyconnect clients (check your licensing). It can also forward internally to multiple VLANs (again, check licensing). The ASA can route multiple subnets across a single VPN IPSEC tunnel instead of just 1 single subnet spec.

The big CON here is price. The ASA's are expensive if you start adding licensing for sec plus or Anyconnect support. So make sure you know what you are buying.


Thank you for your reply, very helpful, particularly the part about packet inspection. My question was more to do with the difference I will see, security-wise, when I replaced the ASA 5505 with the E3000. Cost is not the factor, as the ASA was already here and in place before I got here. Problem is that it wasn't configured by me. I just don't see the use for it. We weren't using it's robust VPN features or anything fancy at all. I believe it was only being used as a firewall.

Since removing it and replacing it with the E3000, do you think I am putting the network at a greater security risk?


If all you want to do is block traffic and allow certain outbound ports, then I think any firewall would suffice. The ASA begins to shine when you talk about hosting services, managing VPNs, etc...

If you have no VPN, and no internal hosts to share, then the e3000 should do the job fine IMHO.



ASA has many features when compared with LinkSys Firewall .ASA Firewall is more secure and reliable one can configure Failovers and VPN and on ASA Firewall .

Votes + Comments
Stop revivin dead thread more than 3 months old. Dude
This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.