ASA 5506-X – Adding FirePOWER Licenses

A quick post on how to add licenses to your FirePOWER module on the Cisco ASA 5506-X, the process would be similar using the FireSIGHT Manager.

Cisco ASA 9.4 Code Release

This code release brings with it a couple of interesting features and new models to the plethora of Cisco ASA devices already on offer. The new devices added to the ASA family are:

  • ASA 5506W-X — ASA 5506 with inbuilt Wireless Access Point
  • ASA 5506H-X — ASA 5506 Hardened Edition (Ruggedized)
  • ASA 5508-X
  • ASA 5516-X

ASA – TCP Ping

In Cisco ASA version 8.4(1) a great new troubleshooting tool was introduced; TCP Ping. It basically does what you think it does, it sends a TCP SYN to a IP Address on a specified destination port to verify bi-directional TCP connectivity from an ASA interface. If the ASA receives a TCP SYN-ACK it will display as a successful ping.

ASA Embedded Event Manager (EEM)

As of ASA version 9.2(1), Cisco has introduced the EEM to the ASA feature set. For any of you familiar with IOS, this is the same functionality now available on the ASA.

Having the EEM functionality on the ASA is fantastic for automating pretty much anything, one such thing I needed to automate was to execute a “show run” when a user logs into the ASA and another “show run” when the user logs out. This is especially great on those devices that are under shared control and gives you as the engineer a log of a before and after, which can be great to compare exactly what was changed by a given engineer.

