Cisco ASA 5500 Family, Key Component of the Cisco Secure Borderless Network

Cisco ASA 5500 Series Adaptive Security Appliances deliver a robust suite of highly integrated, market-leading security services for small and medium-sized businesses (SMBs), enterprises, service providers, and mission-critical data centers- in addition to providing unprecedented services flexibility, modular scalability, feature extensibility, and lower deployment and operations costs.

Cisco ASA 5500 Series Adaptive Security Appliances

 

Cisco ASA Firewalls build on engineering behind the Cisco PIX 500 firewall, the Cisco IPS 4200 Series sensor, and the VPN 3000 model concentrator. These solutions enable the Cisco Adaptive Security Appliances (ASA) Firewall family to deliver a firewall that stops the widest range of threats. Cisco Adaptive Security Appliances Firewalls provide program security, network containment and control, and clean Virtual Private Network functionality throughout Cisco’s product line. This breadth of security allows defense of any network area, including the most typical attack conduits such as remote sites, LAN-attached inside users, and off-site connected VPNs.

The Cisco ASA 5500 Series includes the Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580, and 5585-X Adaptive Security Appliances-purpose-built, high-performance security solutions that take advantage of Cisco’s expertise in developing industry-leading, award-winning security and VPN solutions.

Through the Cisco MPF, the Cisco ASA 5500 Series brings a new level of security and policy control to applications and networks. MPF enables highly customizable, flow-specific security policies that have been tailored to application requirements. The performance and extensibility of the Cisco ASA 5500 Series is enhanced through user-installable SSMs. This adaptable architecture enables businesses to rapidly deploy security services when and where they are needed, such as tailoring inspection techniques to specific application and user needs or adding additional intrusion prevention and content security services such as those delivered by the Adaptive Inspection and Prevention (AIP) and Content Security and Control (CSC) SSMs. Furthermore, the modular hardware architecture of the Cisco ASA 5500 Series, along with the powerful MPF, provides the flexibility to meet future network and security requirements, extending the outstanding investment protection provided by the Cisco ASA 5500 Series and allowing businesses to adapt their network defenses to new threats as they arise.

All Cisco ASA 5500 Series appliances offer both IPsec and SSL/DTLS VPN solutions; Clientless and AnyConnect VPN features are licensed at various price points, on a per seat and per feature basis. By converging SSL and IPsec VPN services with comprehensive threat defense technologies, the Cisco ASA 5500 Series provides highly customizable, granular network access tailored to meet the requirements of diverse deployment environments, while providing advanced endpoint and network-level security.

 

Cisco ASA 5505 Adaptive Security ApplianceCisco ASA 5505 Adaptive Security Appliance

The Cisco ASA 5505 Adaptive Security Appliance is a next-generation, full-featured security appliance for small business, branch office, and enterprise teleworker environments. The Cisco ASA 5505 delivers high-performance firewall, SSL and IPsec VPN, and rich networking services in a modular, “plug-and-play” appliance. Using the integrated Cisco ASDM, the Cisco ASA 5505 can be rapidly deployed and easily managed, enabling businesses to minimize operations costs. The Cisco ASA 5505 features a flexible 8-port 10/100 Fast Ethernet switch, whose ports can be dynamically grouped to create up to three separate VLANs for home, business, and Internet traffic for improved network segmentation and security. The Cisco ASA 5505 provides two Power over Ethernet (PoE) ports, simplifying the deployment of Cisco IP phones with zero-touch secure voice over IP (VoIP) capabilities, as well as the deployment of external wireless access points for extended network mobility. A high-performance intrusion prevention and worm mitigation service is available with the addition of the AIP SSC. Multiple USB ports can be used to enable additional services and capabilities as they are needed.

As business needs grow, customers can install a Security Plus upgrade license, enabling the Cisco ASA 5505 to scale to support a higher connection capacity and up to 25 IPsec VPN users, add full DMZ support, and integrate into switched network environments through VLAN trunking support. Furthermore, this upgrade license maximizes business continuity by enabling support for redundant ISP connections and stateless Active/Standby high-availability services.

Businesses can also extend the Cisco ASA 5505’s VPN service by enabling AnyConnect client and clientless VPN remote access to support various mobile workers and business partners. The Cisco Secure Remote Access Solution deployments can scale to serve up to 25 AnyConnect and/or clientless VPN concurrent users on each Cisco ASA 5505 by installing an Essential or a Premium AnyConnect VPN license.

This combination of market-leading security and VPN services, advanced networking features, flexible remote management capabilities, and future extensibility makes the Cisco ASA 5505 an excellent choice for businesses requiring a best-in-class small business, branch office, or enterprise teleworker security solution.

 

Cisco ASA 5510 Adaptive Security ApplianceCisco ASA 5510 Adaptive Security Appliance

The Cisco ASA 5510 Adaptive Security Appliance delivers advanced security and networking services for small and medium-sized businesses and enterprise remote/branch offices in an easy-to-deploy, cost-effective appliance. These services can be easily managed and monitored by the integrated Cisco ASDM application, thus reducing the overall deployment and operations costs associated with providing this high level of security. The Cisco ASA 5510 Adaptive Security Appliance provides high-performance firewall and VPN services and five integrated 10/100 Fast Ethernet interfaces. It optionally provides high-performance intrusion prevention and worm mitigation services through the AIP SSM, or comprehensive malware protection services through the CSC SSM. This unique combination of services on a single platform makes the Cisco ASA 5510 an excellent choice for businesses requiring a cost-effective, extensible, DMZ-enabled security solution.

As business needs grow, customers can install a Security Plus license, upgrading two of the Cisco ASA 5510 Adaptive Security Appliance interfaces to Gigabit Ethernet and enabling integration into switched network environments through VLAN support. This upgrade license maximizes business continuity by enabling Active/Active and Active/Standby high-availability services. Using the optional security context capabilities of the Cisco ASA 5510 Adaptive Security Appliance, businesses can deploy up to five virtual firewalls within an appliance to enable compartmentalized control of security policies on a departmental level. This virtualization strengthens security and reduces overall management and support costs while consolidating multiple security devices into a single appliance.

Businesses can extend their SSL and IPsec VPN capacity to support a larger number of mobile workers, remote sites, and business partners. Up to 250 AnyConnect and/or clientless VPN peers can be supported on each Cisco ASA 5510 by installing an Essential or a Premium AnyConnect VPN license; up to 250 IPsec VPN peers are supported on the base platform.

VPN capacity and resiliency can also be increased by taking advantage of the Cisco ASA 5510’s integrated VPN clustering and load-balancing capabilities (available with a Security Plus license). The Cisco ASA 5510 supports up to 10 appliances in a cluster, offering a maximum of 2500 AnyConnect and/or clientless VPN peers or 2500 IPsec VPN peers per cluster. For business continuity and event planning, the Cisco ASA 5510 can also benefit from the Cisco VPN FLEX licenses, which enable administrators to react to or plan for short-term bursts of concurrent Premium VPN remote-access users, for up to a 2-month period.

 

Cisco ASA 5520 Adaptive Security Appliance

The Cisco ASA 5520 Adaptive Security Appliance delivers security services with Active/Active high availability and Gigabit Ethernet connectivity for medium-sized enterprise networks in a modular, high-performance appliance. With four Gigabit Ethernet interfaces and support for up to 100 VLANs, businesses can easily deploy the Cisco ASA 5520 into multiple zones within their network. The Cisco ASA 5520 Adaptive Security Appliance scales with businesses as their network security requirements grow, delivering solid investment protection.

Businesses can extend their SSL and IPsec VPN capacity to support a larger number of mobile workers, remote sites, and business partners. Up to 750 AnyConnect and/or clientless VPN peers can be supported on each Cisco ASA 5520 by installing an Essential or a Premium AnyConnect VPN license; 750 IPsec VPN peers are supported on the base platform. VPN capacity and resiliency can be increased by taking advantage of the Cisco ASA 5520’s integrated VPN clustering and load-balancing capabilities. The Cisco ASA 5520 supports up to 10 appliances in a cluster, offering a maximum of 7500 AnyConnect and/or clientless VPN peers or 7500 IPsec VPN peers per cluster. For business continuity and event planning, the Cisco ASA 5520 can also benefit from the Cisco VPN FLEX licenses, which enable administrators to react to or plan for short-term bursts of concurrent Premium VPN remote-access users, for up to a 2-month period.

The advanced application-layer security and content security defenses provided by the Cisco ASA 5520 can be extended by deploying the high-performance intrusion prevention and worm mitigation capabilities of the AIP SSM, or the comprehensive malware protection of the CSC SSM. Using the optional security context capabilities of the Cisco ASA 5520 Adaptive Security Appliance, businesses can deploy up to 20 virtual firewalls within an appliance to enable compartmentalized control of security policies on a departmental level. This virtualization strengthens security and reduces overall management and support costs while consolidating multiple security devices into a single appliance.

 

Cisco ASA 5540 Adaptive Security Appliance

The Cisco ASA 5540 Adaptive Security Appliance delivers high-performance, high-density security services with Active/Active high availability and Gigabit Ethernet connectivity for medium-sized and large enterprise and service-provider networks, in a reliable, modular appliance. With four Gigabit Ethernet interfaces and support for up to 100 VLANs, businesses can use the Cisco ASA 5540 to segment their network into numerous zones for improved security. The Cisco ASA 5540 Adaptive Security Appliance scales with businesses as their network security requirements grow, delivering exceptional investment protection and services scalability. The advanced network and application-layer security services and content security defenses provided by the Cisco ASA 5540 Adaptive Security Appliance can be extended by deploying the AIP SSM for high-performance intrusion prevention and worm mitigation.

Businesses can scale their SSL and IPsec VPN capacity to support a larger number of mobile workers, remote sites, and business partners. Up to 2500 AnyConnect and/or clientless VPN peers can be supported on each Cisco ASA 5540 by installing an Essential or a Premium AnyConnect VPN license; 5000 IPsec VPN peers are supported on the base platform. VPN capacity and resiliency can also be increased by taking advantage of the integrated VPN clustering and load-balancing capabilities of the Cisco ASA 5540. The Cisco ASA 5540 supports up to 10 appliances in a cluster, supporting a maximum of 25,000 AnyConnect and/or clientless VPN peers or 50,000 IPsec VPN peers per cluster. For business continuity and event planning, the ASA 5540 can also benefit from the Cisco VPN FLEX licenses, which enable administrators to react to or plan for short-term bursts of concurrent Premium VPN remote-access users, for up to a 2-month period.

Using the optional security context capabilities of the Cisco ASA 5540 Adaptive Security Appliance, businesses can deploy up to 50 virtual firewalls within an appliance to enable compartmentalized control of security policies on a per-department or per-customer basis, and deliver reduced overall management and support costs.

 

Cisco ASA 5550 Adaptive Security ApplianceCisco ASA 5550 Adaptive Security Appliance

The Cisco ASA 5550 Adaptive Security Appliance delivers gigabit-class security services with Active/Active or Active/Standby high availability, and fiber and Gigabit Ethernet connectivity, for large enterprise and service-provider networks in a reliable, 1-rack-unit form factor. Using its eight Gigabit Ethernet interfaces, four Small Form-Factor Pluggable (SFP) fiber interfaces*, and support for up to 200 VLANs, businesses can segment their network into numerous high-performance zones for improved security.

The Cisco ASA 5550 Adaptive Security Appliance scales with businesses as their network security requirements grow, delivering exceptional investment protection and services scalability. Businesses can scale their SSL and IPsec VPN capacity to support a larger number of mobile workers, remote sites, and business partners. Up to 5000 AnyConnect and/or clientless VPN peers can be supported on each Cisco ASA 5550 by installing an Essential or a Premium AnyConnect VPN license; 5000 IPsec VPN peers are supported on the base platform. VPN capacity and resiliency can also be increased by taking advantage of the Cisco ASA 5550’s integrated VPN clustering and load-balancing capabilities. The Cisco ASA 5550 supports up to 10 appliances in a cluster, supporting a maximum of 50,000 AnyConnect and/or clientless VPN peers or 50,000 IPsec VPN peers per cluster. For business continuity and event planning, the ASA 5550 can also benefit from the Cisco VPN FLEX licenses, which enable administrators to react to or plan for short-term bursts of concurrent Premium VPN remote-access users, for up to a 2-month period.

Using the optional security context capabilities of the Cisco ASA 5550 Adaptive Security Appliance, businesses can deploy up to 100 virtual firewalls within an appliance to enable compartmentalized control of security policies on a per-department or per-customer basis, and deliver reduced overall management and support costs.

Note: The system provides a total of 12 Gigabit Ethernet ports, of which only 8 can be in service at any time. Businesses can choose between copper or fiber connectivity, providing flexibility for data center, campus, or enterprise edge connectivity.

 

Cisco ASA 5580 Adaptive Security AppliancesCisco ASA 5580 Adaptive Security Appliances

The Cisco ASA 5580-20 and 5580-40 Adaptive Security Appliances deliver multigigabit security services for large enterprise, data center, and service-provider networks in a robust, 4-rack-unit form factor. The Cisco ASA 5580 accommodates high-density copper and optical interfaces with scalability from Fast Ethernet to 10 Gigabit Ethernet, enabling unparalleled security and deployment flexibility. Cisco ASA 5580 Adaptive Security Appliances include six interface card expansion slots with support for up to 24 Gigabit Ethernet interfaces or up to twelve 10 Gigabit Ethernet interfaces that simplify provisioning and enable campus segmentation. Furthermore, this high-density design enables security virtualization while retaining physical segmentation desired in managed security and infrastructure consolidation applications.

The Cisco ASA 5580 Series is offered at two performance levels: the Cisco ASA 5580-20 with 5 Gbps of real-world firewall performance, and the high-end Cisco ASA 5580-40 with 10 Gbps of real-world firewall performance. Their multicore, multiprocessor architecture delivers radical scalability for the most demanding network security and VPN concentration applications. Real-time applications can be transparently secured thanks to the extremely low latency, high session concurrency, and connection setup rates.

Businesses can scale their SSL and IPsec VPN capacity to support a larger number of mobile workers, remote sites, and business partners. Up to 10,000 AnyConnect and/or clientless VPN peers can be supported on each Cisco ASA 5580 by installing an Essential or a Premium AnyConnect VPN license; 10,000 IPsec VPN peers are supported on the base platform. Cisco ASA 5580 Adaptive Security Appliances can also be clustered to improve reliability and scalability, with support for up to 100,000 AnyConnect and/or clientless or IPsec remote-access clients when deploying 10 appliances in a cluster. For business continuity and event planning, the ASA 5580 can also benefit from the Cisco VPN FLEX licenses, which enable administrators to react to or plan for short-term bursts of concurrent Premium VPN remote-access users, for up to a 2-month period.

Additional features, including security virtualization through the use of security contexts and VLANs, increase service velocity while reducing operational and administrative overhead.

 

Cisco ASA 5585-X Adaptive Security Appliances

Cisco ASA 5585-X Adaptive Security Appliances are tailored to meet the high performance needs of mission-critical data centers and provide peace of mind with Cisco guaranteed coverage. Supporting the highest VPN session counts and twice as many connections per second as competitive firewalls in its class, Cisco ASA 5585-X appliances meet the growing needs of today’s most dynamic organizations. The appliances combine the world’s most proven firewall with the industry’s most comprehensive, effective IPS, offering the most effective security solution in the industry to significantly decrease business risk and address regulatory compliance-all in a compact 2-rack-unit footprint.

There are four Cisco ASA 5585 models: the entry-level Cisco ASA 5585-X with Security Services Processor -10 (SSP-10) delivers 2 Gbps of multi-protocol firewall performance; the Cisco ASA 5585-X with SSP-20 provides 5 Gbps of multi-protocol firewall performance; the Cisco ASA 5585-X with SSP-40 delivers 10 Gbps of multi-protocol firewall performance; and the high-end Cisco ASA 5585-X with SSP-60 provides 20 Gbps of multi-protocol firewall performance.

All four ASA 5585-X models reliably deliver exceptional scalability to meet the demanding needs of mission-critical data centers. The Cisco ASA 5585-X appliances can support up to 10,000 concurrent VPN sessions, while delivering up to twice the connections per second and up to four times the session count of other firewalls at a similar throughput. The appliances also provide twice the efficacy and the most comprehensive threat coverage of any IPS.

 

More Notes: Main features of Cisco ASA 5505, Cisco ASA 5510, Cisco ASA 5520, Cisco ASA 5540, Cisco ASA 5550, Cisco ASA 5580-20 and 5580-40…, comparison of the Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580, and 5585-X Adaptive Security Appliances, details of Security Services Processors, Modules and Cards, Cisco ASA 5500 Series IPS Modules, Cisco ASA 5500 Series Content Security and Control Module, Cisco ASA 5500 Series 4-Port Gigabit Ethernet Module, Cisco ASA 5580 Security Appliance Interface Cards…you can visit Cisco.com—Page of Cisco ASA 5500 Series Adaptive Security Appliances

 

More Related:  Simple Steps to Connect a Remote Office to Cisco ASA 5510

How to Configure Cisco ASA 5505 Firewall?

Share This Post

Post Comment