© 2005 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Page 3 of 20
Cisco Meta Event Generator
To quickly and accurately identify and stop worms that can rapidly propagate and cause extensive damage, the Cisco ASA 5500 Series includes
Cisco Meta Event Generator technology, which provides unique on-device correlation capabilities. This is achieved through real-time modeling of
worm behavior, including correlation of multiple event types and the time between individual events. As worms attempt to move through a network,
they propagate through the transmission of multiple packets, which in many cases appear to be legitimate traffic. The generator uses its real-time
correlation services to identify the initial packets associated with worm propagation and stops the follow-on packets necessary to complete the worm
infestation. Thus the worm cannot reach the intended target intact so is, in fact, ineffectual.
SECURE CONNECTIVITY SERVICES
The Cisco ASA 5500 Series provides robust site-to-site and remote-access VPN services, enabling businesses to create secure connections across
public networks to mobile users, remote sites, and business partners. An integrated approach to security is provided, enabling organizations to gain
the connectivity and cost benefits of the Internet, without compromising the integrity of the corporate security policy.
By integrating VPN services with the wide range of security services offered by the Cisco ASA 5500 Series, businesses benefit from a stronger, more
secure VPN connectivity. Integrated Cisco Adaptive Threat Defense capabilities help ensure that VPNs do not become a conduit for network attacks
such as worms, viruses, malware, or hacking. Detailed application and access control policies can also be applied to VPN traffic, so individuals and
groups of users have access only to the services and resources to which they are entitled. Additionally, customized quality-of-service (QoS) policies
can be applied on a per-user, -group, -tunnel, or -flow basis, helping ensure that the appropriate priority and bandwidth restrictions are applied to
specific network traffic flows.
Remote-Access VPN
The Cisco ASA 5500 Series offers flexible technologies that deliver tailored solutions to suit connectivity requirements, providing employees’
company-managed desktops with robust, customizable remote access through an IPSec VPN. For situations where endpoints are not company-
managed, such as extranets, Internet kiosks, or employee-owned desktops, the Cisco ASA 5500 Series delivers WebVPN for SSL-based remote
access. Taking advantage of Cisco remote-access expertise, enterprises can deploy a single, integrated platform with broad support for core enterprise
applications.
•
Flexible platform—Offers both IPSec and SSL-based VPN services on a single platform, eliminating the need to provide parallel solutions. The
Cisco ASA 5500 Series eliminates the inefficiencies and added costs of deploying separate, distinct platforms for both SSL and IPSec VPNs.
•
Resilient clustering—Allows remote-access deployments to scale cost-effectively by evenly distributing VPN sessions across Cisco ASA 5500
Series and Cisco VPN 3000 Series platforms without requiring any user intervention. This highly resilient capability eliminates any single point
of failure, allows businesses to scale their VPN headends as needed, and gives businesses excellent investment protection.
•
Cisco Easy VPN—Delivers a uniquely scalable, cost-effective, and easy-to-manage remote-access VPN architecture. Cisco ASA 5500 Series
appliances dynamically push the latest VPN security policies to remote VPN devices and clients, helping ensure that those remote endpoints have
up-to-date policies in place before the connection is established, thereby offering the ultimate flexibility, scalability, and ease of use. Furthermore,
the Cisco ASA 5500 Series provides VPN client software with “auto-update” capabilities that help enable automated version upgrades for Cisco
VPN Client software operating on remote desktops.
Site-to-Site VPN
Using the standards-based site-to-site VPN capabilities provided by the Cisco ASA 5500 Series, businesses can securely extend their networks across
low-cost Internet connections to business partners and remote and satellite offices worldwide.
•
VPN infrastructure for today’s applications—The Cisco ASA 5500 Series provides a VPN infrastructure capable of converged voice, video,
and data across a secure IPSec network, by combining robust site-to-site VPN support with rich inspection capabilities, QoS, dynamic routing,
and stateful failover features, allowing businesses to take advantages of the many benefits of converged networks.
