A few weeks ago, Cisco released version 8.2 for the ASA, which you can read more about the updated features here.  For me, one of the most appealing features that stands out the most is the NetFlow Secure Event Logging feature (NSEL).   Originally this feature was only made available on version 8.1 specifically for the 5580 models in January of this year.  Now it’s available from the 5505 models up to the 5580.

What’s the big deal?  Currently I’m dealing with a configuration where an Internet connection terminates directly on an ASA 5520.  Every month I have to deal with senior management inquiring about which department is consuming the most bandwidth so that finance can appropriately charge back the usage internally.  In order to appropriately collect this data, I had proposed to place a router in front of the ASA so that I could collect NetFlow statistics and report the information properly.  With NSEL on the ASA, I’d be able to collect the information directly without any additional equipment.

Hmm, if everything works as planned, I’ll have to figure out what to do with all these spare 3845 edge routers. 

The list price for the ASA5505-UL-BUN-K9 firewall is ~$680.00 off of CDW’s website.  Depending on how well you know your CDW sales rep (or any other reseller rep), they may be able to assist you with purchasing this firewall for ~$550.00.  It’s not a bad investment if you have the finances to build your own home lab.

If by chance your company is in a spending mood and is willing to purchase a considerable ($15K - 25K) amount of equipment from CDW or your reseller, I’m sure you could ask them to send you one for free.