manualshive.com logo in svg

Cisco Cisco ASA 5500 Series, Datasheet

Get your hands on the Cisco ASA 5500 Series datasheet and user manual for free! Explore the power and capabilities of this networking marvel by downloading the manual from our website. Gain easy access to in-depth information and unleash the potential of your Cisco ASA 5500 series device.

Share
Download
background image

 

 

© 2005 Cisco Systems, Inc. All rights reserved. 

Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com. 

Page 12 of 20 

 
 

Feature 

 

Benefit

 

Layer 2 Transparent 
Firewall

 

 

Supports deployment of a Cisco ASA 5500 Series appliance in a secure Layer 2 bridging mode, providing rich 
Layer 2–7 firewall security services for the protected network while remaining "invisible" to devices on each side 
of

 

it 

 

Simplifies Cisco ASA 5500 Series appliance deployments in existing network environments by not requiring 
businesses to readdress the protected networks

 

 

Supports creation of Layer 2 security perimeters by enforcing administrator-defined Ethertype-based access 
control policies for Layer 2 network traffic

 

VLAN-Based Virtual 
Interfaces

 

 

Provides increased flexibility when defining security policies and eases overall integration into switched network 
environments by supporting the creation of logical interfaces based on IEEE 802.1q VLAN tags, and the creation 
of security policies based on these virtual interfaces

 

 

Supports multiple virtual interfaces on a single physical interface through VLAN trunking and multiple VLAN trunks 
per Cisco ASA 5500 Series appliance

 

 

Supports up to 10 VLANs on Cisco ASA 5510 appliances (with the Security Plus license), 25 VLANs on Cisco 
ASA 5520 appliances, and 100 VLANs on Cisco ASA 5540 appliances

 

OSPF Dynamic Routing

 

 

Provides comprehensive OSPF dynamic routing services on Cisco ASA 5500 Series appliances using technology 
based on world-renowned Cisco IOS

®

 Software 

 

Offers improved network reliability through fast route convergence and secure, efficient route distribution

 

 

Delivers a secure routing solution in environments using NAT through tight integration with Cisco ASA 5500 Series 
NAT services

 

 

Supports MD5-based OSPF authentication, in addition to plaintext OSPF authentication, to prevent route spoofing 
and various routing-based DoS attacks

 

 

Provides route redistribution between OSPF processes, including OSPF, static, and connected routes

 

 

Supports load balancing across equal-cost multipath routes

 

Routing Information 
Protocol (RIP) Dynamic 
Routing

 

 

Enables secure integration in RIP based enterprise networks by learning routing updates for both versions 1 and 2 
of the protocol 

 

Protects against RIP-based reconnaissance activities and DoS attacks by supporting plaintext and keyed-MD5 
authentication methods for RIPv2

 

Multicast Routing

 

 

Streamlines the delivery of multimedia traffic in videoconferencing, collaborative computing, and mission-critical 
real-time enterprise applications through full PIM Sparse Mode v2 and bidirectional PIM routing support (based on 
Cisco IOS Software Multicast technology) 

 

Facilitates a wide range of multicast applications by including support for Internet Group Management Protocol 
(IGMPv2) and stub multicast routing, including NAT and PAT and the ability to build ACLs for multicast traffic

 

QoS Services

 

 

Delivers per-flow, policy-based QoS services, with support for LLQ and Traffic Policing for prioritizing latency-
sensitive network traffic and limiting bandwidth usage of administrator-specified applications 

 

Enables businesses to have end-to-end QoS policies for their extended networks

 

IPv6 Networking

 

 

Provides access control and deep inspection firewall services for native IPv6 network environments and mixed 
IPv4 and IPv6 network environments through dual-stack support 

 

Delivers IPv6-enabled inspection services for applications based on HTTP, FTP, SMTP, ICMP, TCP, and UDP

 

 

Supports SSHv2, Telnet, HTTP and HTTPS, and ICMP-based management over IPv6

 

Security Level per Network 
Interface

 

 

Leverages the Cisco PIX Security Appliance interface security-level concept to simplify deployment in DMZ 
environments 

 

Simplifies deployment of Cisco ASA 5500 Series appliances in intranet environments by allowing multiple 
interfaces to share a common security level, and enabling administrators to define custom security policies for 
traffic flowing between interfaces at the same security level, without intrinsically permitting any type of automatic 
traffic flow

 

Dynamic Host 
Configuration Protocol 
(DHCP) Server

 

 

Provides DHCP server services on one or more interfaces, allowing devices to obtain IP addresses dynamically 

 

Includes extensions for automated provisioning of Cisco IP phones and Cisco SoftPhone IP telephony solutions

 

Summary of Contents for Cisco ASA 5500 Series

Page 1: ...network antivirus and IP Security Secure Sockets Layer IPSec SSL VPN technologies deliver robust application security user and application based access control worm and virus mitigation malware protection and remote user and site connectivity Extensible Adaptive Identification and Mitigation services architecture Taking advantage of a modular services processing and policy framework the Cisco Adap...

Page 2: ...k detection coupled with advanced analysis techniques resulting in highly accurate threat classification that helps ensure appropriate mitigation actions are taken with no impact on legitimate network traffic Advanced Detection Techniques To help ensure that threats do not go unnoticed the Cisco ASA 5500 Series offers numerous methods to identify policy violations anomalous activity and vulnerabil...

Page 3: ...ologies that deliver tailored solutions to suit connectivity requirements providing employees company managed desktops with robust customizable remote access through an IPSec VPN For situations where endpoints are not company managed such as extranets Internet kiosks or employee owned desktops the Cisco ASA 5500 Series delivers WebVPN for SSL based remote access Taking advantage of Cisco remote ac...

Page 4: ...ents that require simultaneous dual stack support of IPv4 and IPv6 Quality of Service QoS Low Latency Queuing LLQ and Traffic Policing features support applications with demanding QoS requirements such as voice or video helping ensure an end to end network QoS policy latency sensitive traffic can be prioritized ahead of file transfer and other more delay tolerant traffic IP phone zero touch provis...

Page 5: ...cess VPN capabilities Alternatively it serves equally well in the network interior for interdepartmental access control and to guard against worms viruses and other malicious code that internal users may unwittingly bring into a network In small business and branch office environments the Cisco ASA 5500 Series serves as an all in one solution offering comprehensive threat prevention and VPN servic...

Page 6: ...ty of desktop server and network security solutions to determine the actual attack path and provide mitigation options thus simplifying security incident management for environments where dedicated security analysts may not be available Additionally Cisco offers the CiscoWorks Security Information Management Solution CiscoWorks SIMS which is well suited for large enterprises and managed security s...

Page 7: ...e tracking response validation Multipurpose Internet Mail Extensions MIME type validation and content control Uniform Resource Identifier URI length enforcement and more Tunneling Application Control Provides advanced inspection services to detect and optionally block instant messaging peer to peer file sharing and other applications tunneling through Web application ports Blocks popular instant m...

Page 8: ...in real time networking environments TAPI JTAPI over CTIQBE Security Services Supports inspection of various Cisco TAPI and JTAPI based applications that use CTIQBE including Cisco IP SoftPhone and the Cisco Customer Response solution Fragmented and Segmented Multimedia Stream Inspection Enables inspection of H 323 SIP and SCCP based voice and multimedia streams that have been fragmented or segmen...

Page 9: ...ts inbound and outbound access control lists ACLs for interfaces time based ACLs and per user or group policies for improved control over network and application usage Simplifies management of security policies by giving administrators the ability to create reusable network and service object groups that can be referenced by multiple security policies simplifying initial policy definition and ongo...

Page 10: ...PN Client Available on wide range of platforms including Microsoft Windows 98 ME NT 2000 and XP Sun Solaris Intel based Linux distributions and Apple Macintosh OS X Provides many innovative features including dynamic security policy downloading from Cisco Easy VPN Server enabled products automatic failover to back up Easy VPN Servers administrator customizable distributions and more Integrates wit...

Page 11: ... of a system or network failure network sessions are automatically transitioned between firewalls with complete transparency to users Active Active Stateful Failover Provides a complementary solution to Active Standby failover where both systems in an Active Active failover pair actively pass network traffic simultaneously effectively doubling the throughput of the failover pair for bursty network...

Page 12: ...ath routes Routing Information Protocol RIP Dynamic Routing Enables secure integration in RIP based enterprise networks by learning routing updates for both versions 1 and 2 of the protocol Protects against RIP based reconnaissance activities and DoS attacks by supporting plaintext and keyed MD5 authentication methods for RIPv2 Multicast Routing Streamlines the delivery of multimedia traffic in vi...

Page 13: ...l user database or through integration with enterprise databases either directly using TACACS and RADIUS or indirectly with Cisco Secure Access Control Server ACS Supports up to 16 levels of customizable administrative roles so that businesses can grant administrators and operations personnel the appropriate level of access to each appliance for example monitoring only access read only access to t...

Page 14: ...configuration data certificates and key material stored on Cisco ASA 5500 Series appliances by automatically wiping flash memory contents if an asset recovery or password reset procedure occurs if preconfigured to do so Scheduled System Reloads Allows administrators to schedule a reload on a Cisco ASA 5500 Series appliance either at a specific time or at an offset from the current time making it s...

Page 15: ... a Security Plus license This license increases port density on the platform by enabling the fourth Fast Ethernet port and removing the restriction on the out of band management port so that it can be repurposed to a general traffic port if desired Integration into switched network environments is simplified with this license as support for up to 10 VLANs is enabled Furthermore this upgrade licens...

Page 16: ...products listed in Table 3 for site to site VPN connectivity Table 3 Site to Site VPN Compatibility Between Cisco ASA 5500 Series and VPN Products VPN Gateway Versions Supported Cisco ASA 5500 Series Appliances Cisco ASA Software Version 7 0 1 and later Cisco IOS Software Routers Cisco IOS Software Release 12 1 6 T and later Cisco PIX Security Appliances Cisco PIX Security Appliance Software Versi...

Page 17: ...forms Supported Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Minimum RAM Cisco ASA 5510 256 MB Cisco ASA 5520 512 MB Cisco ASA 5540 1024 MB Minimum System Flash Memory 64 MB Expansion Cards Supported Cisco AIP SSM AIP SSM 10 AIP SSM 20 ORDERING INFORMATION To place an order visit the Cisco Ordering Home Page or ref...

Page 18: ...sion 7 0 Cisco Adaptive Security Device Manager Version 5 0 SERVICE AND SUPPORT Cisco offers a wide range of services programs to accelerate customer success These innovative service programs are delivered through a unique combination of people processes tools and partners resulting in high levels of customer satisfaction Cisco services help you protect your network investment optimize network ope...

Page 19: ...ssia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe Copyright 2005 Cisco Systems Inc All rights reserved CCSP CCVP the Cisco Square Bridge logo Follow Me Browsing and StackWise are trademarks of Cisco Systems Inc Changing the Way We Work Live Play and Learn and iQuick Stu...

Page 20: ... 2005 Cisco Systems Inc All rights reserved Important notices privacy statements and trademarks of Cisco Systems Inc can be found on cisco com Page 20 of 20 ...

Reviews:

No comments

Related manuals for Cisco ASA 5500 Series

Teknim TPL NET Network Module Installation And User Manual preview
TPL NET Network Module
Brand: Teknim Pages: 3
Neoware Neoware c50 - Thin Client Specification preview
Neoware c50 - Thin Client
Brand: Neoware Pages: 5
Source fire Sourcefire 3D System Installation Manual preview
Sourcefire 3D System
Brand: Source fire Pages: 280
PaloAlto Networks PA-1400 Series Hardware Reference Manual preview
PA-1400 Series
Brand: PaloAlto Networks Pages: 46
D-Link DFL-500 User Manual preview
DFL-500
Brand: D-Link Pages: 140
D-Link DFL-260 - NetDefend - Security Appliance Quick Manual preview
DFL-260 - NetDefend - Security Appliance
Brand: D-Link Pages: 20
NETGEAR FVG318v2 - ProSafe 802.11g Wireless VPN Firewall Switch Use Manual preview
FVG318v2 - ProSafe 802.11g Wireless VPN Firewall Switch
Brand: NETGEAR Pages: 9
NETGEAR FVS328 - ProSafe VPN Firewall Reference Manual preview
FVS328 - ProSafe VPN Firewall
Brand: NETGEAR Pages: 228

Brands by name

Popular brands

Load more brands