1. Outgoing shaping plus LLQ is easy. In principle, traffic classification can be done through NBAR, there should be enough resources (if there is nothing there except a 4.5 Mb / s channel).
Prioritizing incoming traffic is more difficult. If at some point in time there is an overload of the channel (and it will be, because TCP always works in bursts, even if the channel is only half loaded on average in 5 seconds), then the provider’s hardware will drop the packets, and it does not distinguish between voice and HTTP . I (at home) more or less work well with the scheme “polish everything except the voice to 3/4 of the channel speed”. Alas, any implementation of beautiful queues in the “in” direction will cause drops in voice traffic, and even the proposed scheme is not ideal, there will be short-term bursts. Well, the channel is used non-optimally.
3. Hardly.
4. From the point of view of the specified task - none.

1. Works great for a long time. We paint the traffic, then we do whatever we want with it
2. If there is Cisco, why look for something else. IMHO
3. If QoS works, there is no special meaning in the restriction. Namely, to limit the maximum utilization to about 80-90%, so that the provider's port does not start dropping a large number of packets.
4. Personally, I don't see much point in ASA in this case.

class-map match-all VIDEO_IN
 match access-group name VIDEO_IN
class-map match-all LOCAL_SERVICES_IN
 match access-group name LOCAL_SERVICES_IN
!
!
 class VIDEO_IN
  set ip precedence 4
 class LOCAL_SERVICES_IN
  set ip precedence 2
!
!

ip access-list extended VIDEO_IN
 permit ip host 10.100.1.3 10.100.0.0 0.0.255.255
 permit ip host 10.100.1.4 10.100.0.0 0.0.255.255
 permit ip host 10.100.1.5 10.100.0.0 0.0.255.255
 permit ip host 10.100.1.6 10.100.0.0 0.0.255.255
ip access-list extended LOCAL_SERVICES_IN
 permit ip host 10.54.1.2 10.0.0.0 0.255.255.255

Well, somehow, this is how I divide the priority of traffic in direction and services.
At the kernel level, this is enough for me. You can play around with other options.

class-map match-all ICMP
 match protocol icmp

class-map match-all HTTP
 match protocol http

class-map match-all HTTPS
 match protocol secure-http

class-map match-all PERMIT_ANY
 match access-group name PERMIT_ANY

class-map match-any VOICE
 match protocol skype
 match protocol rtp
 match protocol sip
 match protocol rtcp

policy-map QOS
 class PERMIT_ANY
    shape average 3435000
    queue-limit 512 packets
  service-policy CBQOS_OUT
 class class-default
    bandwidth remaining percent 25

policy-map CBQOS_OUT
 class VOICE
    priority percent 25
 class HTTPS
    bandwidth percent 30
 class ICMP
    priority percent 5
 class HTTP
    bandwidth percent 30
 class class-default
    fair-queue 512
   police rate 3000000

interface FastEthernet0/0
 service-policy output QOS

interface FastEthernet0/1
 service-policy output QOS

To be honest, I don’t fully understand the meaning of “fair-queue” and “queue-limit 512 packets” - this is how I played. In general, the result is unsatisfactory.
It lags both VoIP with Skype and ping. I draw graphs "Manage engine Netflow CBQOS analyzer" - om. In fact, there is little sense from all this QoS for realtime traffic.
Does it make sense to play with queue lengths, etc.?