The other day marked a pretty big security release for Cisco. For a long time the Cisco ASA has been a physical firewall and recently evolved to a Virtual Appliance known as the ASA 1000v. The problem with this Virtual Appliance is that it required a Nexus 1000v.
Now with that said the Cisco ASA 1000v has been superseded by the Cisco ASAv during the week. Removing its underlying dependency on Nexus 1000v, this fully functioning Virtual Appliance faithfully reproduces a vast majority of the ASA’s features and expands the ASAs use case portfolio. The release of this Virtual Appliance is in alignment with a new code release. The most notable feature of this product release is BGP support.
There has been many a discussion surrounding how could Cisco not support this on ASA for so long. I am sure they lost many a deal to Juniper’s SRX over this. There were some designs where I ended up having to put a router behind the firewall or in front of it due to the fact BGP was a requirement. Operations considerations didn’t allow an SRX to be used which was unfortunate. Administrators rejoice if Cisco is your firewall incumbent as you now can peer off your firewall and reduce some of the complexity of the work around.
Another feature which looks to be targeted at the ASA5585-X and SSP modules is increasing the max link bundles of LACP. Now supporting 16 links in a LACP bundle, the ASA can connect 16 link channels to Nexus 7000 F2 10Gbe line cards. Some improvements there for data centre switching and tackling east-west DC traffic.
So what are you waiting for? Head over to the support portal and download the .ova. I am lead to believe you require vCenter for the installation.
Check out the release notes for Cisco ASA 9.2[x]