OverviewCisco ASA 5500 Series Adaptive Security Appliances deliver a robust suite of highly integrated, market-leading security services for small and medium-sized businesses (SMBs), enterprises, and service providers - in addition to providing unprecedented services flexibility, modular scalability, feature extensibility, and lower deployment and operations costs.
Cisco ASA 5500 Series Adaptive Security Appliances are purpose-built solutions that integrate world-class firewall, unified communications security, VPN, intrusion prevention (IPS), and content security services in a unified platform. The series builds upon proven technologies from Cisco PIX 500 Series Security Appliances, Cisco IPS 4200 Series Sensors, and Cisco VPN 3000 Series Concentrators.
Cisco ASA 5500 Series Adaptive Security Appliances are a key component of the Cisco Self-Defending Network. The Cisco ASA 5500 Series provides intelligent threat defense that stops attacks before they penetrate the network perimeter, controls network and application activity, and delivers secure remote access and site-to-site connectivity. The result is a powerful multi-function network security appliance family that provides security breadth, precision, and depth for protecting business networks of all sizes, while reducing the overall deployment and operations costs associated with implementing comprehensive multilayer security.
The Cisco ASA 5500 Series helps businesses increase effectiveness and efficiency in protecting their networks and applications, while delivering exceptional investment protection through the following elements:
- Market-proven security capabilities - The Cisco ASA 5500 Series integrates multiple full-featured, high-performance security services, including application-aware firewall, SSL and IPsec VPN, IPS, antivirus, antispam, antiphishing, and web filtering services. These technologies deliver strong network- and application-layer security, user-based access control, worm mitigation, malware protection, improved employee productivity, instant messaging and peer-to-peer control, and secure remote user and site connectivity.
- Extensible integrated services architecture - The Cisco ASA 5500 Series offers businesses strong, adaptive protection from the fast-evolving threat environment through its unique combination of hardware and software extensibility and its powerful Modular Policy Framework (MPF). The innovative extensible multiprocessor design and software architecture of the Cisco ASA 5500 Series enables businesses to easily install additional high-performance security services through security services modules (SSMs) and security services cards (SSCs). This provides businesses with outstanding investment protection, while enabling them to expand the security services profile of their Cisco ASA 5500 Series, as their security and performance needs grow. All these services are easily managed through the powerful Cisco Modular Policy Framework, which allows businesses to create highly customized security policies while making it simple to add new security and networking services into their existing policies.
- Reduced deployment and operations costs - The Cisco ASA 5500 Series enables standardization on a single platform to reduce the overall operational cost of security. A common environment for configuration simplifies management and reduces training costs for staff, while the common hardware platform of the series reduces sparing costs. Additional efficiencies are realized by deploying integrated capabilities, obviating the need for the complex designs required to connect standalone solutions.
- Comprehensive management interfaces - The graphical Cisco Adaptive Security Device Manager (ASDM), a comprehensive command line interface (CLI), verbose syslog, and Simple Network Management Protocol (SNMP) support round out a rich complement of management options. Multi-unit deployments benefit greatly from Cisco Security Manager, a platform capable of managing distributed deployments of 5 to 5000 devices. The award-winning Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS) recognizes and correlates real network attacks and then rapidly defines how to stop them, thereby decreasing administrative overhead by reducing false positives and simplifying audit compliance.
The Cisco ASA 5500 SeriesThe Cisco ASA 5500 Series includes the Cisco ASA 5505, 5510, 5520, 5540, 5550, and 5580 Adaptive Security Appliances—purpose-built, high-performance security solutions that take advantage of Cisco’s expertise in developing industry-leading, award-winning security and VPN solutions. Through the Cisco MPF, the Cisco ASA 5500 Series brings a new level of security and policy control to applications and networks. MPF enables highly customizable, flow-specific security policies that have been tailored to application requirements. The performance and extensibility of the Cisco ASA 5500 Series are enhanced through user-installable SSMs. This adaptable architecture enables businesses to rapidly deploy security services when and where they are needed, such as tailoring inspection techniques to specific application and user needs or adding additional intrusion prevention and content security services such as those delivered by the Adaptive Inspection and Prevention (AIP) and Content Security and Control (CSC) SSMs. Furthermore, the modular hardware architecture of the Cisco ASA 5500 Series, along with the powerful MPF, provides the flexibility to meet future network and security requirements, extending the outstanding investment protection provided by the Cisco ASA 5500 Series, and allowing businesses to adapt their network defenses to new threats as they arise.
ciscoasa# show version
Cisco Adaptive
Security Appliance Software Version 8.3(1)
Device Manager
Version 6.3(1)
Compiled on Thu
04-Mar-10 16:56 by builders
System image file
is "disk0:/asa831-k8.bin"
Config file at
boot was "startup-config"
ciscoasa up 28
secs
Hardware: ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron
1599 MHz
Internal ATA
Compact Flash, 256MB
BIOS Flash
M50FW016 @ 0xfff00000, 2048KB
Encryption
hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot
microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode:
CNLite-MC-SSLm-PLUS-2.03
IPSec
microcode : CNlite-MC-IPSECm-MAIN-2.06
0: Ext: Ethernet0/0 : address is 6073.5cab.4e64, irq 9
1: Ext: Ethernet0/1 : address is 6073.5cab.4e65, irq 9
2: Ext: Ethernet0/2 : address is 6073.5cab.4e66, irq 9
3: Ext: Ethernet0/3 : address is 6073.5cab.4e67, irq 9
4: Ext: Management0/0 : address is 6073.5cab.4e68, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features
for this platform:
Maximum Physical
Interfaces : Unlimited perpetual
Maximum
VLANs : 100 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
Security
Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
SSL VPN
Peers : 2 perpetual
Total VPN
Peers : 250 perpetual
Shared
License : Disabled perpetual
AnyConnect for
Mobile : Disabled perpetual
AnyConnect for
Cisco VPN Phone : Disabled
perpetual
AnyConnect
Essentials : Disabled perpetual
Advanced Endpoint
Assessment : Disabled perpetual
UC Phone Proxy
Sessions : 2 perpetual
Total UC Proxy
Sessions : 2 perpetual
Botnet Traffic
Filter : Disabled perpetual
Intercompany
Media Engine : Disabled perpetual
This platform has
an ASA 5510 Security Plus license.
Serial Number:
JMX1650806S
Running Permanent
Activation Key: 0x0805f243 0x4c041218 0x3840fdfc 0x92f46c58 0xcd18078f
Configuration
register is 0x1
Configuration has
not been modified since last system restart.
ciscoasa#