Cisco ASA
Firewalls build on engineering behind the Cisco PIX 500 firewall, the Cisco IPS
4200 Series sensor, and the VPN 3000 model concentrator. These solutions enable
the Cisco Adaptive Security Appliances (ASA) Firewall family to deliver a
firewall that stops the widest range of threats. Cisco Adaptive Security
Appliances Firewalls provide program security, network containment and control,
and clean Virtual Private Network functionality throughout Cisco's product
line. This breadth of security allows defense of any network area, including
the most typical attack conduits such as remote sites, LAN-attached inside
users, and off-site connected VPNs.
The CiscoASA 5500 Series includes the Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580, and
5585-X Adaptive Security Appliances-purpose-built, high-performance security
solutions that take advantage of Cisco's expertise in developing
industry-leading, award-winning security and VPN solutions.
Through
the Cisco MPF, the Cisco ASA 5500 Series brings a new level of security and
policy control to applications and networks. MPF enables highly customizable,
flow-specific security policies that have been tailored to application
requirements. The performance and extensibility of the Cisco ASA 5500 Series is
enhanced through user-installable SSMs. This adaptable architecture enables
businesses to rapidly deploy security services when and where they are needed,
such as tailoring inspection techniques to specific application and user needs
or adding additional intrusion prevention and content security services such as
those delivered by the Adaptive Inspection and Prevention (AIP) and Content
Security and Control (CSC) SSMs. Furthermore, the modular hardware architecture
of the Cisco ASA 5500 Series, along with the powerful MPF, provides the
flexibility to meet future network and security requirements, extending the
outstanding investment protection provided by the Cisco ASA 5500 Series and
allowing businesses to adapt their network defenses to new threats as they
arise.
All Cisco
ASA 5500 Series appliances offer both IPsec and SSL/DTLS VPN solutions;
Clientless and AnyConnect VPN features are licensed at various price points, on
a per seat and per feature basis. By converging SSL and IPsec VPN services with
comprehensive threat defense technologies, the Cisco ASA 5500 Series provides
highly customizable, granular network access tailored to meet the requirements of
diverse deployment environments, while providing advanced endpoint and
network-level security.
The Cisco ASA 5505 Adaptive Security Appliance is a next-generation,
full-featured security appliance for small business, branch office, and
enterprise teleworker environments. The Cisco ASA 5505 delivers
high-performance firewall, SSL and IPsec VPN, and rich networking services in a
modular, "plug-and-play" appliance. Using the integrated Cisco ASDM,
the Cisco ASA 5505 can be rapidly deployed and easily managed, enabling
businesses to minimize operations costs. The Cisco ASA 5505 features a flexible
8-port 10/100 Fast Ethernet switch, whose ports can be dynamically grouped to
create up to three separate VLANs for home, business, and Internet traffic for
improved network segmentation and security. The Cisco ASA 5505 provides two
Power over Ethernet (PoE) ports, simplifying the deployment of Cisco IP phones
with zero-touch secure voice over IP (VoIP) capabilities, as well as the
deployment of external wireless access points for extended network mobility. A
high-performance intrusion prevention and worm mitigation service is available
with the addition of the AIP SSC. Multiple USB ports can be used to enable
additional services and capabilities as they are needed.
As
business needs grow, customers can install a Security Plus upgrade license,
enabling the Cisco ASA 5505 to scale to support a higher connection capacity
and up to 25 IPsec VPN users, add full DMZ support, and integrate into switched
network environments through VLAN trunking support. Furthermore, this upgrade
license maximizes business continuity by enabling support for redundant ISP
connections and stateless Active/Standby high-availability services.
Businesses
can also extend the Cisco ASA 5505's VPN service by enabling AnyConnect client
and clientless VPN remote access to support various mobile workers and business
partners. The Cisco Secure Remote Access Solution deployments can scale to
serve up to 25 AnyConnect and/or clientless VPN concurrent users on each Cisco
ASA 5505 by installing an Essential or a Premium AnyConnect VPN license.
This
combination of market-leading security and VPN services, advanced networking
features, flexible remote management capabilities, and future extensibility
makes the Cisco ASA 5505 an excellent choice for businesses requiring a
best-in-class small business, branch office, or enterprise teleworker security
solution.
Cisco ASA 5510 Adaptive Security
Appliance
The Cisco ASA 5510 Adaptive Security Appliance delivers advanced security
and networking services for small and medium-sized businesses and enterprise
remote/branch offices in an easy-to-deploy, cost-effective appliance. These
services can be easily managed and monitored by the integrated Cisco ASDM
application, thus reducing the overall deployment and operations costs
associated with providing this high level of security. The Cisco ASA 5510
Adaptive Security Appliance provides high-performance firewall and VPN services
and five integrated 10/100 Fast Ethernet interfaces. It optionally provides
high-performance intrusion prevention and worm mitigation services through the
AIP SSM, or comprehensive malware protection services through the CSC SSM. This
unique combination of services on a single platform makes the Cisco ASA 5510 an
excellent choice for businesses requiring a cost-effective, extensible,
DMZ-enabled security solution.
As
business needs grow, customers can install a Security Plus license, upgrading
two of the Cisco ASA 5510 Adaptive Security Appliance interfaces to Gigabit
Ethernet and enabling integration into switched network environments through
VLAN support. This upgrade license maximizes business continuity by enabling
Active/Active and Active/Standby high-availability services. Using the optional
security context capabilities of the Cisco ASA 5510 Adaptive Security
Appliance, businesses can deploy up to five virtual firewalls within an
appliance to enable compartmentalized control of security policies on a
departmental level. This virtualization strengthens security and reduces
overall management and support costs while consolidating multiple security
devices into a single appliance.
Businesses
can extend their SSL and IPsec VPN capacity to support a larger number of
mobile workers, remote sites, and business partners. Up to 250 AnyConnect
and/or clientless VPN peers can be supported on each Cisco ASA 5510 by
installing an Essential or a Premium AnyConnect VPN license; up to 250 IPsec
VPN peers are supported on the base platform.
VPN
capacity and resiliency can also be increased by taking advantage of the Cisco
ASA 5510's integrated VPN clustering and load-balancing capabilities (available
with a Security Plus license). The Cisco ASA 5510 supports up to 10 appliances
in a cluster, offering a maximum of 2500 AnyConnect and/or clientless VPN peers
or 2500 IPsec VPN peers per cluster. For business continuity and event
planning, the Cisco ASA 5510 can also benefit from the Cisco VPN FLEX licenses,
which enable administrators to react to or plan for short-term bursts of
concurrent Premium VPN remote-access users, for up to a 2-month period.
Notes: More Details of Cisco ASA 5500 Family, Such as Cisco ASA 5520, Cisco ASA 5540, Cisco ASA 5550, Cisco ASA 5580 Series...
No comments:
Post a Comment