Adaptive Security Appliance and ASA 5500-X Series Next-Generation Firewall

Cisco ASA5515-K9
ALL LICENSES


Cisco Adaptive Security Appliance Software Version 9.5(2)2
Device Manager Version 7.6(1)

Security Plus License

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 100            perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Active/Active  perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Enabled        perpetual
Security Contexts                 : 5              perpetual
Carrier                           : Enabled        perpetual
AnyConnect Premium Peers          : 250            perpetual
AnyConnect Essentials             : 250            perpetual
Other VPN Peers                   : 250            perpetual
Total VPN Peers                   : 250            perpetual
AnyConnect for Mobile             : Enabled        perpetual
AnyConnect for Cisco VPN Phone    : Enabled        perpetual
Advanced Endpoint Assessment      : Enabled        perpetual
Shared License                    : Enabled        perpetual
Total UC Proxy Sessions           : 500            perpetual
Botnet Traffic Filter             : Enabled        perpetual
IPS Module                        : Disabled       perpetual
Cluster                           : Enabled        perpetual
Cluster Members                   : 4              perpetual

This platform has an ASA 5515 Security Plus license.
+
Brackest
+
Power lead (UK order only)

3 available, 1 has interface card blank (ASA-IC-A-BLANK) missing.
Check the photo 5.
The auction is for 1

Full working order
364 day warranty

asa# show ver
Cisco Adaptive Security Appliance Software Version 9.5(2)2
Device Manager Version 7.6(1)

Compiled on Tue 22-Dec-15 10:06 PST by builders
System image file is "disk0:/asa952-2-smp-k8.bin"
Config file at boot was "startup-config"

Hardware:   ASA5515, 8192 MB RAM, CPU Clarkdale 3059 MHz, 1 CPU (4 cores)
            ASA: 3598 MB RAM, 1 CPU (1 core)
Internal ATA Compact Flash, 8192MB
BIOS Flash MX25L6445E @ 0xffbb0000, 8192KB

Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
                             Boot microcode        : CNPx-MC-BOOT-2.00
                             SSL/IKE microcode     : CNPx-MC-SSL-SB-PLUS-0005
                             IPSec microcode       : CNPx-MC-IPSEC-MAIN-0026
                             Number of accelerators: 1
Baseboard Management Controller (revision 0x1) Firmware Version: 2.4

 0: Int: Internal-Data0/0    : address is 4c00.821d.c64d, irq 11
 1: Ext: GigabitEthernet0/0  : address is 4c00.821d.c651, irq 10
 2: Ext: GigabitEthernet0/1  : address is 4c00.821d.c64e, irq 10
 3: Ext: GigabitEthernet0/2  : address is 4c00.821d.c652, irq 5
 4: Ext: GigabitEthernet0/3  : address is 4c00.821d.c64f, irq 5
 5: Ext: GigabitEthernet0/4  : address is 4c00.821d.c653, irq 10
 6: Ext: GigabitEthernet0/5  : address is 4c00.821d.c650, irq 10
 7: Int: Internal-Data0/1    : address is 0000.0001.0002, irq 0
 8: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 0
 9: Int: Internal-Data0/2    : address is 0000.0001.0003, irq 0
10: Ext: Management0/0       : address is 4c00.821d.c64d, irq 0

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 100            perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Active/Active  perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Enabled        perpetual
Security Contexts                 : 5              perpetual
Carrier                           : Enabled        perpetual
AnyConnect Premium Peers          : 250            perpetual
AnyConnect Essentials             : 250            perpetual
Other VPN Peers                   : 250            perpetual
Total VPN Peers                   : 250            perpetual
AnyConnect for Mobile             : Enabled        perpetual
AnyConnect for Cisco VPN Phone    : Enabled        perpetual
Advanced Endpoint Assessment      : Enabled        perpetual
Shared License                    : Enabled        perpetual
Total UC Proxy Sessions           : 500            perpetual
Botnet Traffic Filter             : Enabled        perpetual
IPS Module                        : Disabled       perpetual
Cluster                           : Enabled        perpetual
Cluster Members                   : 4              perpetual

This platform has an ASA 5515 Security Plus license.



Product Overview

Your small offices or branch locations require the best network security available. An integrated solution that is easy to deploy and manage improves IT efficiency. Affordable pricing and the ability to scale as necessary are other important product benefits. You get all that and more with the Cisco® ASA 5505 Adaptive Security Appliance and ASA 5500-X Series Next-Generation Firewalls. These multifaceted security products include the world’s most proven stateful inspection firewallwith a comprehensive suite of highly integrated next-generation firewall services for networks of all sizes. These firewalls are used and trusted by small and midsize businesses with one or a few locations, large enterprises, service providers, and mission-critical data centers.

Enterprise class security. Cisco MultiScale® performance, providing the ability to deliver multiple security services at scale. Unprecedented services flexibility. Modular scalability. Feature extensibility. And lower deployment and operational costs. All of these features and benefits add up to tremendous value in the Cisco ASA 5505 Adaptive Security Appliance and ASA 5500-X Series Next-Generation Firewalls. Available in a wide range of sizes and performance levels to fit your network, budget, and evolving security needs, all models deliver the same proven level of security that protects the networks of some of the largest and most security-conscious companies in the world. They also provide the visibility and control you need to take advantage of new applications and devices without compromising security.

Cisco ASA 5512-X and 5515-X Adaptive Security Appliances

The Cisco ASA 5512-X and 5515-X Adaptive Security Appliances combine the most widely deployed stateful inspection firewall in the industry with a comprehensive suite of next-generation network security services for comprehensive security without compromise. They provide multiple security services and redundant power supplies and help enable consistent security enforcement throughout the organization. In addition to comprehensive stateful inspection firewall capabilities, the Cisco ASA 5512-X and 5515-X Adaptive Security Appliances optionally provide broad and deep network security through an array of integrated cloud- and software-based security services, including Cisco Application Visibility and Control (AVC), web security, Cisco Cloud Web Security (CWS), and the only context-aware intrusion prevention system (IPS) - all with no need for additional hardware modules.

The Cisco ASA 5512-X and ASA 5515-X Adaptive Security Appliances are part of the Cisco ASA 5500-X Series Next-Generation Firewalls, which is built on the same proven security platform as the rest of the Cisco ASA Family of firewalls and delivers exceptional application visibility and control along with superior performance and operational efficiency. The Cisco ASA 5512-X and 5515-X Adaptive Security Appliances are designed to meet evolving security needs by providing, among other things, innovative next-generation firewall services that make it possible to take advantage of new applications and devices without compromising security.

Unlike other next-generation firewalls, the Cisco ASA 5500-X Series Next-Generation Firewalls keep pace with rapidly evolving needs by offering end-to-end network intelligence gained from combining the visibility from local traffic with in-depth global network intelligence using:

 Cisco TrustSec® technology

 Cisco AnyConnect® Secure Mobility Solution for unique mobile client insight

 Cisco Security Intelligence Operations (SIO) for near-real-time threat information and proactive protection

 Cisco ASA Next-Generation Firewall Services

With up to 1.2 Gbps of firewall throughput, 250,000 concurrent firewall connections, 15,000 connections per second, and 6 integrated Gigabit Ethernet interfaces, the Cisco ASA 5512-X and ASA 5515-X Adaptive Security Appliances are excellent choices for businesses requiring a high-performance, cost-effective, and extensible security solution with exceptional application visibility and control that can grow as your needs change.

Cisco ASA 5505 Adaptive Security Appliance

The Cisco ASA 5505 is a full-featured firewall for small business, branch, and enterprise teleworker environments. It delivers high-performance firewall, SSL and IPsec VPN, and rich networking services in a modular, immediately operational appliance. Using the integrated graphical Cisco Adaptive Security Device Manager (ASDM), the Cisco ASA 5505 can be rapidly deployed and easily managed, helping businesses reduce operational costs. It features a flexible 8-port 10/100 Fast Ethernet switch whose ports can be dynamically grouped to create up to three separate VLANs for home, business, and Internet traffic for improved network segmentation and security. The Cisco ASA 5505 provides two Power over Ethernet (PoE) ports, simplifying the deployment of Cisco IP phones with highly secure zero-touch voice over IP (VoIP) capabilities, as well as the deployment of external wireless access points for extended network mobility. A high-performance intrusion prevention and worm mitigation service is available with the addition of the Advanced Inspection and Prevention Security Services Card (AIP SSC). Multiple USB ports can be used to implement additional services and capabilities as they are needed.

As business needs grow, customers can install a Security Plus upgrade license, The Cisco ASA 5505 can then scale to support a higher connection capacity and up to 25 IPsec VPN users, add full DMZ support, and integrate into switched network environments through VLAN trunking support. Furthermore, this upgrade license improves business continuity by helping to enable support for redundant ISP connections and stateless active/standby high-availability services.

Businesses can also extend the Cisco ASA 5505’s VPN service by enabling Cisco AnyConnect client and clientless VPN remote access to support various mobile workers and business partners. Cisco Secure Remote Access Solution deployments can scale to serve up to 25 AnyConnect or clientless VPN concurrent users on each Cisco ASA 5505 by installing an Essential or a Premium Cisco AnyConnect VPN license.

This combination of market-leading security and VPN services, advanced networking features, flexible remote management capabilities, and future extensibility makes the Cisco ASA 5505 an excellent choice for businesses requiring a best-in-class small business, branch, or enterprise teleworker security solution.

Table 1 compares the features and capacities of the Cisco ASA 5500 and ASA 5500-X platforms for small offices and branch locations.

Table 1. Cisco ASA 5500 Adaptive Security Appliance and ASA 5500-X Series Next-Generation Firewalls for Small Offices and Branch Locations

Feature

Cisco ASA 5505; SecurityPlus

Cisco ASA 5512-X; Security Plus

Cisco ASA 5515-X


Stateful inspection throughput (maximum1)

Up to 150 Mbps

1 Gbps

1.2 Gbps

Stateful inspection throughput (multiprotocol2)

-

500 Mbps

600 Mbps

IPS throughput3

Up to 75 Mbps with AIP‑SSC-5

250 Mbps
(extra hardware not required)

400 Mbps
(extra hardware not required)

Next-generation throughput4(multiprotocol)

-

200 Mbps

350 Mbps

3DES/AES VPN throughput5

Up to 100 Mbps

200 Mbps

250 Mbps

Users or nodes

Unlimited

Unlimited

Unlimited

IPsec VPN peers

25*

250

250

Cisco Cloud Web Security users

25

2000

3000

Premium AnyConnect VPN peers(included/maximum)

2/25

2/250

2/250

Concurrent connections

10,000; 25,000*

100,000

250,000

New connections per
second

4000

10,000

15,000

Virtual interfaces (VLANs)

3 (trunking disabled)/
20 (trunking enabled)*

50; 100

100

Security contexts (included/maximum)6

Not available

0,0;

2,5

2,5

High availability

Not supported*

Not supported; active/active and active/standby**

Active/active and active/standby

Expansion slot

1 SSC

1 interface card

1 interface card

User-accessible flash slot

-

No

No

USB 2.0 ports

3 (1 on front, 2 on rear)

2

2

Integrated I/O

8 Fast Ethernet with 2 PoE ports

6 GE copper

6 GE copper

Expansion I/O

-

6 GE Copper or

6 GE SFP

6 GE Copper or

6 GE SFP

Serial ports

1 RJ-45 console

1 RJ-45 console

1 RJ-45 console

Solid state drive

-

1 slot, 120 GB MLC SED

1 slot, 120 GB MLC SED

Memory

512 MB

4 GB

8 GB

Minimum system flash

128 MB

4 GB

8 GB

System bus

Multibus architecture

Multibus architecture

Multibus architecture

Temperature

32 to 104°F (0 to 40°C)

23 to 104°F (-5 to 40°C)

23 to 104°F (-5 to 40°C)

Relative humidity

5 to 95 percent noncondensing

10 to 90 percent noncondensing

10 to 90 percent noncondensing

Altitude

Designed and tested for 0 to 9840 ft (3000 m); agency approved for 2000 m

Designed and tested for 0 to 15,000 ft (4572 m)

Designed and tested for 0 to 15,000 ft (4572 m)

Shock

1.14 m/sec (45 in./sec) 1/2 sine input

70G, 4.22 m/sec

70G, 4.22 m/sec

Vibration

0.41 Grms2 (3 to 500 Hz) random input

0.41 Grms2 (3 to 500 Hz) random input

0.41 Grms2 (3 to 500 Hz) random input

Acoustic noise

60 dBa max

64.2 dBa max

64.2 dBa max

Temperature

-13 to 158ºF (-25 to 70ºC)

-13 to 158ºF (-25 to 70ºC)

-13 to 158ºF (-25 to 70ºC)

Relative humidity

5 to 95 percent noncondensing

10 to 90 percent noncondensing

10 to 90 percent noncondensing

Altitude

0 to 15,000 ft (4570m)

Designed and tested for 0to 15,000 ft (4570m)

Designed and tested for 0to 15,000 ft (4570m)

Shock

30G

70G, 4.22 m/sec

70G, 4.22 m/sec

Vibration

0.41 Grms2 (3 to 500 Hz) random input

1.12 Grms2 (3 to 500 Hz) random input

1.12 Grms2 (3 to 500 Hz) random input

AC range line voltage

100 to 240 VAC

100 to 240 VAC

100 to 240 VAC

AC normal line voltage

100 to 240 VAC

100 to 240 VAC

100 to 240 VAC

AC current

1.8A

4.85A

4.85A

AC frequency

50/60 Hz

50/60 Hz

50/60 Hz

Dual-power supplies

None

None

None

DC domestic line voltage

See the ASA 5500 Series Hardware Installation Guide

-40.5 to 56 VDC (-48 VDC nominal)

-40.5 to 56 VDC (-48 VDC nominal)

DC international line voltage

See the ASA 5500 Series Hardware Installation Guide

-55 to -72 VDC

(-60 VDC nominal)

-55 to -72 VDC

(-60 VDC nominal)

DC current

See the ASA 5500 Series Hardware Installation Guide

15A (maximum input)

15A (maximum input)

Steady state

20W

51W

65W

Maximum peak

96W

56W

70W

Maximum heat dissipation

72 BTU/hr

192 BTU/hr

239 BTU/hr

Form factor

Desktop

1RU, 19-in. rack-mountable

1RU, 19-in. rack-mountable

Dimensions (HxW x D)

1.75 x 7.89 x 6.87 in. (4.45x 20.04 x 17.45 cm)

1.67 x 16.7 x 15.6 In (4.24x 42.9 x 39.5 cm)

1.67 x 16.7 x 15.6 In (4.24x 42.9 x 39.5 cm)

Weight (with AC power supply)

4.0 lb (1.8 kg)

13.39 lb (6.07 kg)

13.39 lb (6.07 kg)

Safety

UL 60950, CSA C22.2 No. 60950, EN 60950 IEC 60950, AS/NZS60950

IEC 60950-1: 2005, 2ndEdition
EN 60950-1:2006+A11: 2009
UL 60950-1:2007, 2ndEdition; 
CSA C22.2 No. 60950-1-07, 2nd Edition

IEC 60950-1: 2005, 2nd Edition
EN 60950-1:2006+A11: 2009
UL 60950-1:2007, 2nd Edition; 
CSA C22.2 No. 60950-1-07, 2ndEdition

Electromagnetic compatibility (EMC)

CE marking, FCC Part 15 Class B, AS/NZS CISPR22 Class B, VCCI Class B, EN55022 Class B, CISPR22 ClassB, EN61000-3-2,
EN61000-3-3

CE: EN55022 2006+A1: 2007 Class A; EN55024 1998+A1:2001+A2:2003; EN61000-3-2 2009; EN61000-3-3 2008;
FCC: CFR 47, Part 15 Subpart B Class A 2010, ANSI C63.4 2009;
ICES-003 ISSUE 4 FEBRUARY.2004;
VCCI: V-3/2011.04;
C-TICK: AS/NZS CISPR 22,2009
KC: KN22 & KN24

CE: EN55022 2006+A1: 2007 Class A; EN55024 1998+A1: 2001+A2:2003; EN61000-3-2 2009; EN61000-3-3 2008;
FCC: CFR 47, Part 15 Subpart B Class A 2010, ANSI C63.4 2009;
ICES-003 ISSUE 4 FEBRUARY.2004;
VCCI: V-3/2011.04;
C-TICK: AS/NZS CISPR 22,2009
KC: KN22 & KN24

Industry certifications

FIPS 140-2 Level 2

In process: Common Criteria EAL4+ US DoD Application-Level Firewall for Medium-Robustness Environments, and Common Criteria EAL4 for IPsec/SSL VPN

In process

In process

1 Maximum throughput measured with UDP traffic under ideal conditions.
2 Multiprotocol = Traffic profile consisting primarily of TCP-based protocols/applications like HTTP, SMTP, FTP, IMAPv4, BitTorrent, and DNS.
3 Firewall traffic that does not go through the IPS service can have higher throughput.
4 Throughput was measured using Cisco ASA CX Software Release 9.1.1 with multiprotocol traffic profile with both AVC and WSE. Traffic logging was enabled as well.
5 VPN throughput and sessions count depend on the ASA device configuration and VPN traffic patterns. These elements should be taken into consideration as part of your capacity planning.
6 Separately licensed feature; includes two SSL licenses with base system.