manualshive.com logo in svg

Cisco Cisco ASA 5500 Series, Datasheet

Get your hands on the Cisco ASA 5500 Series datasheet and user manual for free! Explore the power and capabilities of this networking marvel by downloading the manual from our website. Gain easy access to in-depth information and unleash the potential of your Cisco ASA 5500 series device.

Share
Download
background image

 

 

© 2005 Cisco Systems, Inc. All rights reserved. 

Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com. 

Page 7 of 20 

 
 

FEATURES AND BENEFITS OF CISCO ASA SOFTWARE VERSION 7.0 

Cisco ASA Software Version 7.0 for Cisco ASA 5500 Series adaptive security appliances provides a wealth of features, including those detailed in 

Table 1. A complete list of features is available in the release notes. 

Table 1. 

Features and Benefits of Cisco ASA Software Version 7.0 

Feature 

 

Benefit

 

Application Security Services

 

Advanced Application 
Inspection and Control 
Services

 

 

Integrates 30 specialized inspection engines that provide rich application control and security services for 
protocols such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Extended Simple Mail 
Transfer Protocol (ESMTP), Domain Name System (DNS), Simple Network Management Protocol (SNMP), 
Internet Control Message Protocol (ICMP), SQL*Net, Network File System (NFS), H.323 Versions 1–4, Session 
Initiation Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), Media Gateway Control Protocol (MGCP), 
Real-Time Streaming Protocol (RTSP), Telephony Application Programming Interface (TAPI) and Java Telephony 
Application Programming Interface (JTAPI) over Computer Telephony Interface Quick Buffer Encoding (CTIQBE) 
protocol, GPRS Tunneling Protocol (GTP), Lightweight Directory Access Protocol (LDAP), Internet Locator Service 
(ILS), Sun Remote Procedure Call (RPC), and many more

 

Advanced Web Security 
Services

 

 

Enables deep inspection services for Web traffic, which provide granular control over HTTP sessions for improved 
protection from a wide range of Web-based attacks 

 

Gives businesses precise control over what HTTP commands or methods can be used on a per-flow basis 
(different policy for traffic coming from Internet vs. traffic coming from a staging Web server to production Web 
server, for example), thus protecting businesses from a variety of Web-based attacks, including unauthorized 
deletion or modification of Web content

 

 

Delivers a wide range of additional powerful HTTP security services, including RFC compliance enforcement, 
protocol anomaly detection, protocol state tracking, response validation, Multipurpose Internet Mail Extensions 
(MIME) type validation and content control, Uniform Resource Identifier (URI) length enforcement, and more

 

Tunneling Application 
Control

 

 

Provides advanced inspection services to detect and optionally block instant messaging, peer-to-peer file sharing, 
and other applications tunneling through Web application ports 

 

Blocks popular instant messaging applications such as AOL Instant Messenger, Microsoft Messenger, and Yahoo 
Messenger

 

 

Stops peer-to-peer file sharing applications such as KaZaA and Gnutella

 

 

Thwarts tunneling applications such as GoToMyPC

 

FTP Security Services

 

 

Delivers advanced FTP inspection services, including protocol anomaly detection, protocol state tracking, Network 
Address Translation (NAT) and Port Address Translation (PAT) support, and dynamic port opening and closing 

 

Gives administrators greater control over the use of numerous FTP commands, allowing them to have the security 
appliance enforce what operations users and groups can perform within FTP sessions (such as FTP gets and 
puts)

 

 

Provides server obfuscation techniques and additional attack signatures to further protect FTP servers from attack

 

ESMTP E-Mail Security 
Services

 

 

Supports ESMTP security inspection services including protocol anomaly detection, protocol state tracking, and 
support for the following new commands introduced in ESTMP protocol: AUTH, DATA, EHLO, ETRN, HELO, 
HELP, MAIL, NOOP, QUIT, RCPT, RSET, SAML, SEND, SOML, and VRFY 

 

Protects businesses from malicious SMTP and ESTMP commands with automatic command filtering

 

SNMP Security Services

 

 

Delivers SNMP filtering services allowing administrators to maintain a consistent version of the SNMP protocol 
flowing through their networks 

 

Provides version filtering for all SNMP traffic attempting to flow through a Cisco ASA 5500 Series appliance, 
supporting filtering of SNMP versions 1, 2, 2c, and 3

 

ICMP Security Services

 

 

Enables secure usage of ICMP for troubleshooting and improved network performance by providing state tracking 
services for ICMP connections, as well as providing additional controls for ICMP error messages

 

Sun RPC and Network 
Information Service Plus 

 

Includes support for port-hopping UNIX applications through stateful inspection and NAT services for Sun RPC 
and NIS+ sessions transactions that use Portmapper v2 or RPCBind v3 or v4

 

Summary of Contents for Cisco ASA 5500 Series

Page 1: ...network antivirus and IP Security Secure Sockets Layer IPSec SSL VPN technologies deliver robust application security user and application based access control worm and virus mitigation malware protection and remote user and site connectivity Extensible Adaptive Identification and Mitigation services architecture Taking advantage of a modular services processing and policy framework the Cisco Adap...

Page 2: ...k detection coupled with advanced analysis techniques resulting in highly accurate threat classification that helps ensure appropriate mitigation actions are taken with no impact on legitimate network traffic Advanced Detection Techniques To help ensure that threats do not go unnoticed the Cisco ASA 5500 Series offers numerous methods to identify policy violations anomalous activity and vulnerabil...

Page 3: ...ologies that deliver tailored solutions to suit connectivity requirements providing employees company managed desktops with robust customizable remote access through an IPSec VPN For situations where endpoints are not company managed such as extranets Internet kiosks or employee owned desktops the Cisco ASA 5500 Series delivers WebVPN for SSL based remote access Taking advantage of Cisco remote ac...

Page 4: ...ents that require simultaneous dual stack support of IPv4 and IPv6 Quality of Service QoS Low Latency Queuing LLQ and Traffic Policing features support applications with demanding QoS requirements such as voice or video helping ensure an end to end network QoS policy latency sensitive traffic can be prioritized ahead of file transfer and other more delay tolerant traffic IP phone zero touch provis...

Page 5: ...cess VPN capabilities Alternatively it serves equally well in the network interior for interdepartmental access control and to guard against worms viruses and other malicious code that internal users may unwittingly bring into a network In small business and branch office environments the Cisco ASA 5500 Series serves as an all in one solution offering comprehensive threat prevention and VPN servic...

Page 6: ...ty of desktop server and network security solutions to determine the actual attack path and provide mitigation options thus simplifying security incident management for environments where dedicated security analysts may not be available Additionally Cisco offers the CiscoWorks Security Information Management Solution CiscoWorks SIMS which is well suited for large enterprises and managed security s...

Page 7: ...e tracking response validation Multipurpose Internet Mail Extensions MIME type validation and content control Uniform Resource Identifier URI length enforcement and more Tunneling Application Control Provides advanced inspection services to detect and optionally block instant messaging peer to peer file sharing and other applications tunneling through Web application ports Blocks popular instant m...

Page 8: ...in real time networking environments TAPI JTAPI over CTIQBE Security Services Supports inspection of various Cisco TAPI and JTAPI based applications that use CTIQBE including Cisco IP SoftPhone and the Cisco Customer Response solution Fragmented and Segmented Multimedia Stream Inspection Enables inspection of H 323 SIP and SCCP based voice and multimedia streams that have been fragmented or segmen...

Page 9: ...ts inbound and outbound access control lists ACLs for interfaces time based ACLs and per user or group policies for improved control over network and application usage Simplifies management of security policies by giving administrators the ability to create reusable network and service object groups that can be referenced by multiple security policies simplifying initial policy definition and ongo...

Page 10: ...PN Client Available on wide range of platforms including Microsoft Windows 98 ME NT 2000 and XP Sun Solaris Intel based Linux distributions and Apple Macintosh OS X Provides many innovative features including dynamic security policy downloading from Cisco Easy VPN Server enabled products automatic failover to back up Easy VPN Servers administrator customizable distributions and more Integrates wit...

Page 11: ... of a system or network failure network sessions are automatically transitioned between firewalls with complete transparency to users Active Active Stateful Failover Provides a complementary solution to Active Standby failover where both systems in an Active Active failover pair actively pass network traffic simultaneously effectively doubling the throughput of the failover pair for bursty network...

Page 12: ...ath routes Routing Information Protocol RIP Dynamic Routing Enables secure integration in RIP based enterprise networks by learning routing updates for both versions 1 and 2 of the protocol Protects against RIP based reconnaissance activities and DoS attacks by supporting plaintext and keyed MD5 authentication methods for RIPv2 Multicast Routing Streamlines the delivery of multimedia traffic in vi...

Page 13: ...l user database or through integration with enterprise databases either directly using TACACS and RADIUS or indirectly with Cisco Secure Access Control Server ACS Supports up to 16 levels of customizable administrative roles so that businesses can grant administrators and operations personnel the appropriate level of access to each appliance for example monitoring only access read only access to t...

Page 14: ...configuration data certificates and key material stored on Cisco ASA 5500 Series appliances by automatically wiping flash memory contents if an asset recovery or password reset procedure occurs if preconfigured to do so Scheduled System Reloads Allows administrators to schedule a reload on a Cisco ASA 5500 Series appliance either at a specific time or at an offset from the current time making it s...

Page 15: ... a Security Plus license This license increases port density on the platform by enabling the fourth Fast Ethernet port and removing the restriction on the out of band management port so that it can be repurposed to a general traffic port if desired Integration into switched network environments is simplified with this license as support for up to 10 VLANs is enabled Furthermore this upgrade licens...

Page 16: ...products listed in Table 3 for site to site VPN connectivity Table 3 Site to Site VPN Compatibility Between Cisco ASA 5500 Series and VPN Products VPN Gateway Versions Supported Cisco ASA 5500 Series Appliances Cisco ASA Software Version 7 0 1 and later Cisco IOS Software Routers Cisco IOS Software Release 12 1 6 T and later Cisco PIX Security Appliances Cisco PIX Security Appliance Software Versi...

Page 17: ...forms Supported Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Minimum RAM Cisco ASA 5510 256 MB Cisco ASA 5520 512 MB Cisco ASA 5540 1024 MB Minimum System Flash Memory 64 MB Expansion Cards Supported Cisco AIP SSM AIP SSM 10 AIP SSM 20 ORDERING INFORMATION To place an order visit the Cisco Ordering Home Page or ref...

Page 18: ...sion 7 0 Cisco Adaptive Security Device Manager Version 5 0 SERVICE AND SUPPORT Cisco offers a wide range of services programs to accelerate customer success These innovative service programs are delivered through a unique combination of people processes tools and partners resulting in high levels of customer satisfaction Cisco services help you protect your network investment optimize network ope...

Page 19: ...ssia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe Copyright 2005 Cisco Systems Inc All rights reserved CCSP CCVP the Cisco Square Bridge logo Follow Me Browsing and StackWise are trademarks of Cisco Systems Inc Changing the Way We Work Live Play and Learn and iQuick Stu...

Page 20: ... 2005 Cisco Systems Inc All rights reserved Important notices privacy statements and trademarks of Cisco Systems Inc can be found on cisco com Page 20 of 20 ...

Reviews:

No comments

Related manuals for Cisco ASA 5500 Series

Watchguard Firebox T25-W Quick Start Manual preview
Firebox T25-W
Brand: Watchguard Pages: 2
D-Link DFL- 2500 Cli Reference Manual preview
DFL- 2500
Brand: D-Link Pages: 213
Symantec ASG-S400-20 Product Installation Manual preview
ASG-S400-20
Brand: Symantec Pages: 41
Symantec 10521146 - Network Security 7120 Administration Manual preview
10521146 - Network Security 7120
Brand: Symantec Pages: 392
MB Connect Line 5.100.200.02.00 Quick Start Up Manual preview
5.100.200.02.00
Brand: MB Connect Line Pages: 16
Intel McAfee Data Loss Prevention Prevent Quick Start Manual preview
McAfee Data Loss Prevention Prevent
Brand: Intel Pages: 8
EdgeWave iPrism 105h Upgrade Manual preview
iPrism 105h
Brand: EdgeWave Pages: 12
Cyphre BT1 User Manual preview
BT1
Brand: Cyphre Pages: 219
Blue Coat MC-S400 Series Quick Start Manual preview
MC-S400 Series
Brand: Blue Coat Pages: 2
Global Technology Associates GB-800 Brochure preview
GB-800
Brand: Global Technology Associates Pages: 2

Brands by name

Popular brands

Load more brands