Cisco ASA5505

Toggle sidebar Toggle sidebar
Q

quanttrade99z

Member
May 22, 2005
123
0
0
Dear ALL,

I am in the market for a wired router to support mission-critical day trading.

After asking for advice here, I have pretty much decided to purchase the Cisco ASA5505-SEC-BUN-K9.

I'm also planning on getting (either at start or a couple weeks after) the:
ISP failover add-on.

Does anyone have any experience with this product? Any recommendations on best place to buy it from?

I will be using it to support a small home/office network. I run my daytrading business on this network, no am very sensitive to internet outages.
My networking skills are very poor, so am hoping setup will be easy... or at least that the Cisco support people can do it for me.

Interested in general comments. Also, in particular, does the ISP fail over feature work well?

Thank you all
quanttrade99z
 
Jeff7181

Jeff7181

Lifer
Aug 21, 2002
18,368
11
81
Cisco ASA product line are security appliances. An 800 series router will do everything you want and some while costing less than an ASA product. The company I work for leases 800 series routers for certain sites from the ISP and they're fully managed/configured by the ISP. They're capable of providing out of band access for troubleshooting connection problems and can fail over to a second WAN connection if the primary connection goes down. Fail over works flawlessly if configured properly.

*EDIT* By the way... Cisco routers are not for novices. They are not plug and play like your typical SOHO Linksys or DLink routers. They require configuration to get them to function at all, and require even more configuration to secure them. I highly suggest you lease one from your ISP and let them worry about the configuration. There's a reason people spend years obtaining Cisco certifications. This is not something you can "learn as you go" considering you say this is for a mission-critical day-trading system.
 
P

Pantlegz

Diamond Member
Jun 6, 2007
4,627
4
81
Gonna agree with jeff, if you don't have experience with cisco's IOS you probably don't want to try to implement them into a mission critical situation; By yourself anyway. The ASA is a good product though, and the failover is pretty nifty all lab work I've done with it, it works.
 
Q

quanttrade99z

Member
May 22, 2005
123
0
0
Thank you for all of your help.

I just called CISCO.... they pretty strongly recommended that I get the 1811 Router instead... they said that that was more appropriate, and that the ASA (although good) is primarily intended to be a security device. They said they would recommend the 800 series, but no ISP failover, 1811 has ISP failover.

What do you think?
 
E

Emulex

Diamond Member
Jan 28, 2001
9,759
1
71
edimax makes a cheap dual wan router; comcast and dsl.

make sure you get a device that can do http(s) based decision making on failover. and has good thresholds.

because the failures you will see are more likely to be issues with quality of connection that may be far more complex than an interface down.

say a bad route is put into your primary link; you might get 70% packet loss. well that ruins your mojo. Alot of routers that are dual wan may not be able to spot this and redirect traffic appropriately. It could be a bad nic card between peering partners that are not your direct ISP but due to traffic peering you may have very little luck getting your big isp to deal with it.

why don't you use your SERO unlimited plan or CLEAR Wimax as a backup? make sure your laptop(s) and the interface have sufficiently long battery operation (8 hours runtime) in the event of a prolonged localized outage? you also gain portability say if your home office is overrun by locusts :) j/k

i think you need to make a list of every single point of failure that will matter to you; and work the solution from that standpoint.

if you are doing unattended automation you may be better off with a colo or cloud service.

just some food for thought.
 
S

seepy83

Platinum Member
Nov 12, 2003
2,132
3
71
Originally posted by: quanttrade99z
Thank you for all of your help.

I just called CISCO.... they pretty strongly recommended that I get the 1811 Router instead... they said that that was more appropriate, and that the ASA (although good) is primarily intended to be a security device. They said they would recommend the 800 series, but no ISP failover, 1811 has ISP failover.

What do you think?
Click to expand...

Since this is a critical day-trading business, and you plan on purchasing a Router only, what do you plan on using for security (what firewall?)?
 
S

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: Emulex
edimax makes a cheap dual wan router; comcast and dsl.

make sure you get a device that can do http(s) based decision making on failover. and has good thresholds.

because the failures you will see are more likely to be issues with quality of connection that may be far more complex than an interface down.

say a bad route is put into your primary link; you might get 70% packet loss. well that ruins your mojo. Alot of routers that are dual wan may not be able to spot this and redirect traffic appropriately. It could be a bad nic card between peering partners that are not your direct ISP but due to traffic peering you may have very little luck getting your big isp to deal with it.

why don't you use your SERO unlimited plan or CLEAR Wimax as a backup? make sure your laptop(s) and the interface have sufficiently long battery operation (8 hours runtime) in the event of a prolonged localized outage? you also gain portability say if your home office is overrun by locusts :) j/k

i think you need to make a list of every single point of failure that will matter to you; and work the solution from that standpoint.

if you are doing unattended automation you may be better off with a colo or cloud service.

just some food for thought.
Click to expand...

Yeah, I remember OP asking for a solution in another thread. The device MUST be able to make decisions based on layer7 availability. That's probably why cisco recommended a router. I thought an ASA could do route testing/checking based on application availability. IOS absolutely does.
 
Jeff7181

Jeff7181

Lifer
Aug 21, 2002
18,368
11
81
Originally posted by: quanttrade99z
Thank you for all of your help.

I just called CISCO.... they pretty strongly recommended that I get the 1811 Router instead... they said that that was more appropriate, and that the ASA (although good) is primarily intended to be a security device. They said they would recommend the 800 series, but no ISP failover, 1811 has ISP failover.

What do you think?
Click to expand...

I think it depends on how critical this mission actually is and what your bandwidth requirements are. Cisco's 800 series routers will fail over to a another interface, but it's either 56k (891) or ISDN(892). If you need it to fail over to another broadband connection then yes, you'll need an 1800 series.

Business continuity and WAN diversity with redundant WAN links: Fast Ethernet, V.92, and ISDN Basic Rate Interface (BRI)

I know you didn't ask for opinions on this... but I'm having a hard time believing you need redundant network connections. Business class service offers at least 99% uptime in most cases to begin with. Which means on average, your network will be down for 3 days per year. When you factor in the hours each day you're actually trading, and the days per week you're actually trading the odds are in your favor even if you're trading the Foreign Exchange which only closes on the weekend. Plus, you sound like you're running this out of your home in which case you're at the mercy of your local telco and the reliability of their "last mile" network. If there's a cable cut in the last mile it doesn't matter who your provider is or how many circuits you have, service will be down until the physical connection to your ISP is restored.

However... if you wanted to go whole hog, my recommendation would not to have a primary circuit and a backup circuit, but rather two circuits, one being a high end business class T1 with AT LEAST 99% uptime if not 99.9%... then add a simple residential connection (cable would be ideal for this since the last mile for cable is not the same physical lines as the last mile from your telco). Configure the router to pass all traffic related to your day-trading over the T1 and everything else over the cable connection. In the event either goes down, all traffic would be diverted to the remaining good connection.
 
E

Emulex

Diamond Member
Jan 28, 2001
9,759
1
71
had this happen:
extended power outage
CO lost power
CABLE just went down (whatever reason)

I'd really suggest an alternate setup that is more reliable like cellular. it is likely if you keep driving :) you will get a connection eventually.

 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom