Cisco ASA 5540 SSL/IPsec VPN Firewall
Contents
1. Description Firewall Throughput Up to 1 2 Gbps VPN Throughput Up to 425 Mbps Concurrent Sessions 650 000 IPsec VPN Peers 5000 SSL VPN Peer License Levels 10 25 50 100 250 500 750 1000 2500 and 5000 Security Contexts Up to 50 Interfaces 8 Gigabit Ethernet ports 4 SFP fiber ports and 1 Fast Ethernet port Virtual Interfaces VLANs 250 Scalability VPN clustering and load balancing High Availability Active Active Active Standby Separately licensed feature includes two with base system Cisco ASA 5580 Adaptive Security Appliances The Cisco ASA 5580 20 and 5580 40 Adaptive Security Appliances deliver multigigabit security services for large enterprise data center and service provider networks in a robust 4 rack unit form factor The Cisco ASA 5580 accommodates high density copper and optical interfaces with scalability from Fast Ethernet to 10Gigabit Ethernet enabling unparalleled security and deployment flexibility Cisco ASA 5580 Adaptive Security Appliances include six interface card expansion slots with support for up to 24 Gigabit Ethernet interfaces or up to 12 10Gigabit Ethernet interfaces that simplify provisioning and enable campus segmentation Furthermore this high density design enables security virtualization while retaining physical segmentation desired in managed security and infrastructure consolidation applications The Cisco2. 22 0 Ib 10 kg Power Supply Regulatory and Standards Compliance Safety UL 60950 CSA C22 2 No 60950 EN 60950 IEC 60950 AS NZS60950 Electromagnetic CE marking CE marking FCC Part 15 Class A AS NZS CISPR22 Class A VCCI Class A Compatibility FCC Part 15 EN55022 Class A CISPR22 Class A EN61000 3 2 EN61000 3 3 EMC Class B AS NZS CISPR22 Class B VCCI Class B EN55022 Class B CISPR22 Class B EN61000 3 2 EN61000 3 3 Industry FIPS 140 2 Level Common Criteria EAL4 US DoD Application Level FIPS 140 2 Level 2 In Certifications 2 In process Firewall for Medium Robustness Environments process Common Criteria Common Criteria Common Criteria EAL2 for IPS on AIP SSM 10 and EAL4 US DoD Application EAL4 US DoD 20 FIPS 140 2 Level 2 and NEBS Level 3 In Level Firewall for Medium Application Level process Common Criteria EAL4 US DoD Robustness Environments Firewall for Application Level Firewall for Medium Robustness and Common Criteria EAL4 Medium Environments and Common Criteria EAL4 for for IPsec SSL VPN Robustness IPsec SSL VPN Environments and Common Criteria EAL4 for IPsec SSL VPN Available through an upgrade license Table 8 Characteristics of Cisco ASA 5580 Series Adaptive Security Appliances Feature Cisco ASA 5580 20 Cisco ASA 5580 40 Users Nodes Unlimited Unlimited Firewall Throughput Up to 5 Gbps real world HTTP 10 Gbps Up to 10 Gbps real wor
3. 25 000 IPsec VPN Peers 10 25 SSL VPN Peer License Levels 10 or 25 Interfaces 8 port Fast Ethernet switch with dynamic port grouping including 2 PoE ports Virtual Interfaces VLANs 3 no trunking support 20 with trunking support High Availability Not supported stateless Active Standby and redundant ISP support Separately licensed feature includes two with the base system Upgrade available with Cisco ASA 5505 Security Plus license Cisco ASA 5510 Adaptive Security Appliance The Cisco ASA 5510 Adaptive Security Appliance delivers advanced security and networking services for small and medium sized businesses and enterprise remote branch offices in an easy to deploy cost effective appliance These services can be easily managed and monitored by the integrated Cisco Adaptive Security Device Manager application thus reducing the overall deployment and operations costs associated with providing this high level of security The Cisco ASA 5510 Adaptive Security Appliance provides high performance firewall and VPN services and five integrated 10 100 Fast Ethernet interfaces It optionally provides high performance intrusion prevention and worm mitigation services through the AIP SSM or comprehensive malware protection services through the CSC SSM This unique combination of services on a single 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 3 of 19 Data Sheet
4. 3000 m Agency approved for 2000 m Shock 1 14 m sec 45 1 14 m sec 45 in sec 1 2 sine input in sec 1 2 sine input Vibration 0 41 Grms2 3 to 0 41 Grms2 3 to 500 Hz random input 500 Hz random input Acoustic noise 0 dBa max 60 dBa max Nonoperating Temperature 13 to 158 F 25 13 to 158 F 25 to 70 C to 70 C Relative humidity 5 to 95 percent 5 to 95 percent noncondensing noncondensing Altitude 0 to 15 000 ft 0 to 15 000 ft 4570 m 4570 m Shock 30G 30G 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 9 of 19 Data Sheet a Feature Cisco ASA 5505 Cisco ASA 5510 Cisco ASA 5520 Cisco ASA 5540 Cisco ASA 5550 Vibration 0 41 Grms2 3 to 0 41 Grms2 3 to 500 Hz random input 500 Hz random input Power Input per Power Supply Range line 100 to 240 VAC 100 to 240 VAC voltage Normal line 100 to 240 VAC 100 to 240 VAC voltage Current 1 8A 3A Frequency 50 60 Hz 47 63 Hz single phase Output Steady state 20W 150W Maximum peak 96W 190W Maximum heat 72 BTU hr 648 BTU hr dissipation Physical Specifications Form Factor Desktop 1 RU 19 in rack mountable Dimensions 1 75 x 7 89 x 1 75 x 17 5 x 14 25 in 4 45 x 20 04 x 36 20 cm H x W x D 6 87 in 4 45 x 20 04 x 17 45 cm Weight with 4 0 Ib 1 8 kg 20 0 Ib 9 07 kg
5. ASA 5580 Series are offered at two performance levels the Cisco ASA 5580 20 with 6 5 Gbps firewall performance and the high end Cisco ASA 5580 40 with 14 Gbps firewall performance Their multicore multiprocessor architecture delivers radical scalability for the most demanding network security and VPN concentration applications Real time applications can be transparently secured thanks to the extremely low latency high session concurrency and connection setup rates Cisco ASA 5580 Adaptive Security Appliances can also be clustered to provide improved reliability and scalability with support for up to 100 000 SSL or IPsec remote access clients when deploying 10 appliances in a cluster Additional features including security virtualization through the use of security contexts and VLANs increase service velocity while reducing operational and administrative overhead Table 6 lists features of the Cisco ASA 5580 Security Appliances Table 6 Cisco ASA 5580 Adaptive Security Appliance Platform Capabilities and Capacities Feature ASA 5580 20 ASA 5580 40 Max Firewall Throughput 5 Gbps real world HTTP 10 Gbps jumbo frames frames 10 Gbps real world HTTP 20 Gbps jumbo 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 7 of 19 Data Sheet ne Feature ASA 5580 20 ASA 5580 40 Max VPN Throughput 1 Gbps 1 Gbps Concurrent Sessions 1 000 0
6. as well as software and hardware extensibility through user installable security services modules SSMs and security services cards SSCs advance the evolution of existing services and the deployment of new services without requiring a platform replacement or performance compromise With these capabilites the Cisco ASA 5500 Series provides the foundation for highly customizable security policies and unprecedented services extensibility to help protect against the fast evolving threat environment e Reduced deployment and operations costs The multifunction Cisco ASA 5500 Series allows for platform configuration and management standardization helping to decrease the costs of deployment and ongoing operations Introducing the Cisco ASA 5500 Series The Cisco ASA 5500 Series includes the Cisco ASA 5505 5510 5520 5540 5550 and 5580 Adaptive Security Appliances purpose built high performance security solutions that take advantage of Cisco expertise in developing industry leading award winning security and VPN solutions The series builds upon proven technologies from Cisco PIX 500 Series Security Appliances Cisco IPS 4200 Series Sensors and Cisco VPN 3000 Series Concentrators Designed as a key component of the Cisco Self Defending Network the Cisco ASA 5500 Series provides proactive threat defense that stops attacks before they spread through the network controls network activity and application traffic and delivers flexible VPN connec
7. content of their business communications The module provides additional flexibility and choice over the functioning and deployment of Cisco ASA 5500 Series appliances Licensing options enable organizations to customize the features and capabilities to each group s needs with features that include advanced content services and increased user capacity The CSC SSM ships with a default feature set that provides antivirus anti spyware and file blocking services A Plus license is available for each CSC SSM at an additional charge delivering capabilities such as anti spam anti phishing URL blocking and filtering and content control services Businesses can extend the user capacity of the CSC SSM by purchasing and installing additional user licenses A detailed listing of these options is shown in Table 10 and in the CSC SSM data sheet Table 10 Characteristics of Cisco ASA 5500 Series CSC SSMs 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 13 of 19 Data Sheet a Feature Cisco ASA 5500 Series CSC SSM 10 Cisco ASA 5500 Series CSC SSM 20 4 e Supported Platforms e Cisco ASA 5510 e Cisco ASA 5520 e Cisco ASA 5510 e Cisco ASA 5520 e Cisco ASA 5540 Standard and Optional Features Standard User License 50 users 500 users Standard Feature Set Antivirus anti spyware file blocking Optional User Upgrades e 100 users 750 users Total Users e 2
8. zones within their network The Cisco ASA 5520 Adaptive Security Appliance scales with businesses as their network security requirements grow delivering solid investment protection 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 4 of 19 Data Sheet a Businesses can extend their SSL and IPsec VPN capacity to support a larger number of mobile workers remote sites and business partners Businesses can scale up to 750 SSL VPN peers on each Cisco ASA 5520 by installing an SSL VPN upgrade license 750 IPsec VPN peers are supported on the base platform VPN capacity and resiliency can also be increased by taking advantage of the Cisco ASA 5520 s integrated VPN clustering and load balancing capabilities The Cisco ASA 5520 supports up to 10 appliances in a cluster supporting a maximum of 7500 SSL VPN peers or 7500 IPsec VPN peers per cluster The advanced application layer security and content security defenses provided by the Cisco ASA 5520 can be extended by deploying the high performance intrusion prevention and worm mitigation capabilities of the AIP SSM or the comprehensive malware protection of the CSC SSM Using the optional security context capabilities of the Cisco ASA 5520 Adaptive Security Appliance businesses can deploy up to 20 virtual firewalls within an appliance to enable compartmentalized control of security policies on a departmental level This virtualization strengthens security
9. 00 2 000 000 IPsec VPN Peers 10000 10000 SSL VPN Peer License Levels 10 25 50 100 250 500 750 1000 2500 5000 and 10 000 10 25 50 100 250 500 750 1000 2500 5000 and 10000 Security Contexts Up to 50 Up to 50 Interfaces 2 Gigabit Ethernet management 2 Gigabit Ethernet management Interface Card Slots 6 6 Interface Card Options e 4 Port 10 100 1000 RJ45 e 4 Port Gigabit Ethernet fiber SR LC 2 Port 10Gigabit Ethernet fiber SR LC 4 Port 10 100 1000 RJ45 e 4 Port Gigabit Ethernet fiber SR LC e 2 Port 10Gigabit Ethernet fiber SR LC Virtual interfaces VLANs 100 250 100 250 Scalability VPN clustering and load balancing VPN clustering and load balancing High Availability Active Active Active Standby Active Active Active Standby Redundant Power Supported second power supply optional Supported second power supply optional Separately licensed feature includes two with base system Supported in a future software release Specifications Table 7 8 provides a comparison of the Cisco ASA 5505 5510 5520 5540 5550 and 5580 Adaptive Security Appliances Table 7 Characteristics of Cisco ASA 5500 Series Adaptive Security Appliances Feature Cisco ASA 5505 Cisco ASA 5510 Cisco ASA 5520 Cisco ASA 5540 Cisco ASA 5550 Users Nodes 10 50 or Unlimited Unlimited U
10. 10 5520 Throughput e 225 Mbps with Cisco ASA e 375 Mbps with Cisco ASA e 650 Mbps with Cisco ASA Firewall IPS 5520 5520 5540 Services i A 500 Mbps with Cisco ASA 5540 Technical Specifications Memory 1 GB 2GB 4GB Flash 256 MB 256 MB 2GB Environmental Operating Ranges Operating Temperature 32 to 104 F 0 to 40 C Relative humidity 5 to 95 percent noncondensing Nonoperating Temperature 13 to 158 F 25 to 70 C Power consumption 90W maximum Physical Specifications Dimensions 1 70 x 6 80 x 12 25 in 4 32 x 17 27 x 31 12 cm H x W x D Weight with Power 3 00 Ib 1 36 kg Supply Regulatory and Standards Compliance Safety UL 60950 CSA C22 2 No 60950 EN 60950 IEC 60950 AS NZS60950 Electromagnetic CE marking FCC Part 15 Class A AS NZS CISPR22 Class A VCCI Class A EN55022 Class A Compatibility EMC CISPR22 Class A EN61000 3 2 EN61000 3 3 Cisco ASA 5500 Series Content Security and Control Module The Cisco ASA 5500 Series CSC SSM delivers industry leading threat protection and content control at the Internet edge providing comprehensive antivirus anti spyware file blocking anti spam anti phishing URL blocking and filtering and content filtering in an easy to manage solution The CSC SSM bolsters the Cisco ASA 5500 Series strong security capabilities providing customers with additional protection and control over the
11. 12 GB Minimum System Flash 1 GB 1 GB System Bus Multibus architecture Multibus architecture Environmental Operating Ranges Operating Operating temperature 50 to 95F 10 to 350 Relative humidity 10 to 90 percent noncondensing Altitude Designed and tested for 0 to 10 000 ft 3050 m Agency Approved for 2000 m Noise 55 dBa max Nonoperating Temperature 22 to 140F 30 to 60 Relative humidity 5 to 95 percent noncondensing Altitude 0 to 30 000 ft 9144 m Power Input per Power Supply Range line voltage 100 to 240 VAC Normal line voltage 100 to 240 VAC Current 12A Frequency 50 60 Hz Output Steady state 800W Maximum peak 800W Maximum heat dissipation 4070 BTU hr Physical Specifications Form Factor 4 RU 19 in rack mountable Dimensions H x W x D 6 94 x 19 x 26 5 in 17 6 x 48 3 x 67 3 cm 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 11 of 19 Data Sheet a Feature Cisco ASA 5580 20 Cisco ASA 5580 40 Weight with Single Power 66 Ib 29 9 kg Supply Regulatory and Standards Safety UL 60950 CSA C22 2 No 60950 EN 60950 IEC 60950 AS NZS60950 Electromagnetic CE marking FCC Part 15 Class A AS NZS CISPR22 Class A VCCI Class A EN55022 Class Compatibility EMC A C
12. 50 users 1000 users 500 users Optional Feature Upgrades Plus License Adds anti spam anti phishing URL blocking and filtering and content control Technical Specifications Memory 1 GB 2GB System Flash 256 MB 256 MB Environmental Operating Ranges Operating Temperature 32 to 104 F 0 to 40 C Relative Humidity 10 to 90 percent noncondensing Nonoperating Temperature 13 to 158 F 25 to 70 C Power consumption 90W maximum Physical Specifications Dimensions H x W x D 1 70 x 6 80 x 12 25 in 4 32 x 17 27 x 31 12 cm Weight With Power Supply 3 00 Ib 1 36 kg Regulatory and Standards Compliance Safety UL 60950 CSA C22 2 No 60950 EN 60950 IEC 60950 AS NZS60950 Electromagnetic Compatibility EMC CE marking FCC Part 15 Class A AS NZS CISPR22 Class A VCCI Class A EN55022 Class A CISPR22 Class A EN61000 3 2 EN61000 3 3 Cisco ASA 5500 Series 4 Port Gigabit Ethernet Module The Cisco ASA 4 Port Gigabit Ethernet SSM enables businesses to better segment network traffic into separate security zones providing more granular security for their network environment These zones can range from the Internet to internal corporate departments sites to DMZs This high performance module supports both copper and optical connection options by including four 10 100 1000 copper Ru 45 ports and four SFP ports Businesses can choose between c
13. 5540 AIP20 K9 Cisco ASA 5540 IPS Edition includes AIP SSM 40 firewall services 5000 IPsec VPN peers 2 SSL VPN peers 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5540 AIP40 K9 Cisco ASA 5500 Series Content Security Edition Bundles Cisco ASA 5510 Content Security Edition includes CSC SSM 10 50 user antivirus anti spyware with 1 year subscription firewall services 250 IPsec VPN peers 2 SSL VPN peers 3 Fast Ethernet interfaces ASA5510 CSC10 K9 Cisco ASA 5510 Content Security Edition includes CSC SSM 20 500 user antivirus anti spyware with 1 year subscription firewall services 250 IPsec VPN peers 2 SSL VPN peers 3 Fast Ethernet interfaces ASA5510 CSC20 K9 Cisco ASA 5520 Content Security Edition includes CSC SSM 10 50 user antivirus anti spyware with 1 year subscription firewall services 750 IPsec VPN peers 2 SSL VPN peers 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5520 CSC10 K9 Cisco ASA 5520 Content Security Edition includes CSC SSM 20 500 user antivirus anti spyware with 1 year subscription firewall services 750 IPsec VPN peers 2 SSL VPN peers 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5520 CSC20 K9 Cisco ASA 5500 Series SSL IPsec VPN Edition Bundles Cisco ASA 5505 SSL IPsec VPN Edition includes 10 IPsec VPN peers 10 SSL VPN peers 50 firewall users 8 port Fast Ethernet switch ASA5505 SSL10 K9 Cisco ASA 5505 SSL IPsec VPN Ed
14. ASA 5500 Series appliances include maximum IPsec VPN users on the base system SSL VPN is licensed and purchased separately By converging SSL and IPsec VPN services with comprehensive threat defense technologies the Cisco ASA 5500 Series provides highly customizable network access tailored to meet the requirements of diverse deployment environments while providing advanced endpoint and network level security Cisco ASA 5505 Adaptive Security Appliance The Cisco ASA 5505 Adaptive Security Appliance is a next generation full featured security appliance for small business branch office and enterprise teleworker environments The Cisco ASA 5505 delivers high performance firewall SSL and IPsec VPN and rich networking services in 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 2 of 19 Data Sheet a a modular plug and play appliance Using the integrated Cisco Adaptive Security Device Manager the Cisco ASA 5505 can be rapidly deployed and easily managed enabling businesses to minimize operations costs The Cisco ASA 5505 features a flexible 8 port 10 100 Fast Ethernet switch whose ports can be dynamically grouped to create up to three separate VLANs for home business and Internet traffic for improved network segmentation and security The Cisco ASA 5505 provides two Power over Ethernet PoE ports enabling simplified deployment of Cisco IP phones with zero touch secure voice over IP VoI
15. Afiafi CISCO Data Sheet Cisco ASA 5500 Series Adaptive Security Appliances Cisco ASA 5500 Series Adaptive Security Appliances are purpose built solutions that combine best in class security and VPN services with an innovative extensible services architecture Designed as a core component of the Cisco Self Defending Network the Cisco ASA 5500 Series provides proactive threat defense that stops attacks before they spread through the network controls network activity and application traffic and delivers flexible VPN connectivity The result is a powerful multifunction network security appliance family that provides the security breadth and depth for protecting home office branch office small and medium sized business enterprise and data center networks while reducing the overall deployment and operations costs and complexities associated with providing this new level of security The Cisco ASA 5500 Series delivers a powerful combination of multiple market proven technologies in a single platform making it operationally and economically feasible for organizations to deploy comprehensive security services to more locations The comprehensive portfolio of services within the Cisco ASA 5500 Series enables customization for location specific needs through tailored product editions for small to medium sized businesses and for enterprises These editions enable superior protection by providing the right services for the right location Each editi
16. Edition includes 8 Gigabit Ethernet interfaces 1 Fast Ethernet ASA5550 BUN K9 interface 4 Gigabit SFP interfaces 5000 IPsec VPN peers 2 SSL VPN peers 3DES AES license Cisco ASA 5550 Firewall Edition includes 8 Gigabit Ethernet interfaces 1 Fast Ethernet ASA5550 K8 interface 4 Gigabit SFP interfaces 5000 IPsec VPN peers 2 SSL VPN peers DES license Cisco ASA 5580 20 Firewall Edition includes 2 management interfaces 5000 IPsec VPN peers 2 ASA5580 20 BUN K8 SSL VPN peers DES license Cisco ASA 5580 20 Firewall Edition includes 2 management interfaces 5000 IPsec VPN peers 2 ASA5580 20 BUN K9 SSL VPN peers 3DES AES license Cisco ASA 5580 20 Firewall Edition 4 Gigabit Ethernet Bundle includes 4 Gigabit Ethernet ASA5580 20 4GE K9 interfaces 2 management interfaces 5000 IPsec VPN peers 2 SSL VPN peers Dual AC power 83DES AES license Cisco ASA 5580 20 Firewall Edition 8 Gigabit Ethernet Bundle includes 8 Gigabit Ethernet ASA5580 20 8GE K9 interfaces 2 management interfaces 5000 IPsec VPN peers 2 SSL VPN peers Dual AC power 8DES AES license Cisco ASA 5580 40 Firewall Edition includes 2 management interfaces 5000 IPsec VPN peers 2 ASA5580 40 BUN K8 SSL VPN peers DES license Cisco ASA 5580 40 Firewall Edition includes 2 management interfaces 5000 IPsec VPN peers 2 ASA5580 40 BUN K9 SSL VPN peers 3DES AES license 2008 Cisco Systems Inc All rights reserved This document is Ci
17. ISPR22 Class A EN61000 3 2 EN61000 3 3 Available through an upgrade license Supported in a future ASA software release Security Services Modules The Cisco ASA 5500 Series brings a new level of integrated security performance to networks with its unique AIM services and multiprocessor hardware architecture This architecture allows businesses to adapt and extend the high performance security services profile of the Cisco ASA 5500 Series Customers can add additional high performance services using security services modules with dedicated security co processors and can custom tailor flow specific policies using a highly flexible policy framework This adaptable architecture enables businesses to deploy new security services when and where they are needed such as adding the broad range of intrusion prevention and advanced anti worm services delivered by the AIP SSM or the comprehensive malware protection and content security services enabled by the CSC SSM Further the architecture allows Cisco to introduce new services to address new threats delivering businesses outstanding investment protection for the Cisco ASA 5500 Series Cisco ASA 5500 Series Advanced Inspection and Prevention Module The Cisco ASA 5500 Series AIP SSM is an inline network based solution that accurately identifies classifies and stops malicious traffic before it affects business continuity It combines inline prevention services with innovative technologies res
18. P capabilities and deployment of external wireless access points for extended network mobility The Cisco ASA 5505 also provides significant expandability and investment protection through its modular design similar to the rest of the Cisco ASA 5500 Series offering both an external expansion slot and multiple USB ports that enable the addition of services in the future As business needs grow customers can install a Security Plus upgrade license enabling the Cisco ASA 5505 Adaptive Security Appliance to scale to support a higher connection capacity and a higher number of IPsec VPN users add full DMZ support and integrate into switched network environments through VLAN trunking support Furthermore this upgrade license maximizes business continuity by enabling support for redundant ISP connections and stateless Active Standby high availability services This combination of market leading security and VPN services advanced networking features flexible remote management capabilities and future extensibility makes the Cisco ASA 5505 an excellent choice for businesses requiring a best in class small business branch office or enterprise teleworker security solution Table 1 lists features of the Cisco ASA 5505 Table 1 Cisco ASA 5505 Adaptive Security Appliance Platform Capabilities and Capacities Feature Description Firewall Throughput Up to 150 Mbps VPN Throughput Up to 100 Mbps Concurrent Sessions 10 000
19. a platform makes the Cisco ASA 5510 an excellent choice for businesses requiring a cost effective extensible DMZ enabled security solution As business needs grow customers can install a Security Plus license upgrading two of the Cisco ASA 5510 Adaptive Security Appliance interfaces to Gigabit Ethernet and enabling integration into switched network environments through VLAN support This upgrade license maximizes business continuity by enabling Active Active and Active Standby high availability services Using the optional security context capabilities of the Cisco ASA 5510 Adaptive Security Appliance businesses can deploy up to five virtual firewalls within an appliance to enable compartmentalized control of security policies on a departmental level This virtualization strengthens security and reduces overall management and support costs while consolidating multiple security devices into a single appliance Businesses can extend their SSL and IPsec VPN capacity to support a larger number of mobile workers remote sites and business partners Businesses can scale up to 250 SSL VPN peers on each Cisco ASA 5510 by installing an SSL VPN upgrade license 250 IPsec VPN peers are supported on the base platform VPN capacity and resiliency can also be increased by taking advantage of the Cisco ASA 5510 s integrated VPN clustering and load balancing capabilities available if a Security Plus license is installed The Cisco ASA 5510 supports up to 10 app
20. and reduces overall management and support costs while consolidating multiple security devices into a single appliance Table 3 lists features of the Cisco ASA 5520 Table 3 Cisco ASA 5520 Adaptive Security Appliance Platform Capabilities and Capacities Feature Description Firewall Throughput Up to 450 Mbps Maximum Firewall and IPS Throughput Up to 225 Mbps with AIP SSM 10 Up to 375 Mbps with AIP SSM 20 Up to 450 Mbps with AIP SSM 40 VPN Throughput Up to 225 Mbps Concurrent Sessions 280 000 IPsec VPN Peers 750 SSL VPN Peer License Levels 10 25 50 100 250 500 or 750 Security Contexts Up to 20 Interfaces 4 Gigabit Ethernet ports and 1 Fast Ethernet port Virtual Interfaces VLANs 150 Scalability VPN clustering and load balancing High Availability Active Active Active Standby Separately licensed feature includes two with base system Cisco ASA 5540 Adaptive Security Appliance The Cisco ASA 5540 Adaptive Security Appliance delivers high performance high density security services with Active Active high availability and Gigabit Ethernet connectivity for medium sized and large enterprise and service provider networks in a reliable modular appliance With four Gigabit Ethernet interfaces and support for up to 100 VLANs businesses can use the Cisco ASA 5540 to segment their network into numerous zones for improved security The Cisco ASA 5540 Adaptive Security App
21. atures of the Cisco ASA 5540 Table 4 Cisco ASA 5540 Adaptive Security Appliance Platform Capabilities and Capacities Feature Description Firewall Throughput Up to 650 Mbps Maximum Firewall and IPS Throughput Up to 500 Mbps with AIP SSM 20 Up to 650 Mbps with AIP SSM 40 VPN Throughput Up to 325 Mbps Concurrent Sessions 400 000 IPsec VPN Peers 5000 SSL VPN Peer License Levels 10 25 50 100 250 500 750 1000 and 2500 Security Contexts Up to 50 Interfaces 4 Gigabit Ethernet ports and 1 Fast Ethernet port Virtual Interfaces VLANs 200 Scalability VPN clustering and load balancing High Availability Active Active Active Standby Separately licensed feature includes two with base system Cisco ASA 5550 Adaptive Security Appliance The Cisco ASA 5550 Adaptive Security Appliance delivers gigabit class security services with Active Active high availability and fiber and Gigabit Ethernet connectivity for large enterprise and service provider networks in a reliable 1 rack unit form factor Using its eight Gigabit Ethernet interfaces four Small Form Factor Pluggable SFP fiber interfaces and support for up to 200 VLANs businesses can segment their network into numerous high performance zones for improved security The Cisco ASA 5550 Adaptive Security Appliance scales with businesses as their network security requirements grow delivering exceptional investment protection and services
22. e 2 5 2 20 2 50 2 50 Contexts Security Plus Included Maximum High Availability Not supported Not supported Active Active and Active Active and Active Active and stateless Active Active and Active Standby Active Standby Active Standby Active Standby Active Standby and redundant ISP support Expansion Slot 1 SSC 1 SSM 1 SSM 1 SSM 0 User Accessible 0 1 1 1 1 Flash slot USB 2 0 Ports 3 1 on front 2 on 2 2 2 2 rear Serial Ports 1 RJ 45 console 2 RJ 45 console 2 RJ 45 console 2 RJ 45 console 2 RJ 45 console and auxiliary and auxiliary and auxiliary and auxiliary Rack Mountable Yes with rack Yes Yes Yes Yes mount kit available in the future Wall Mountable Yes with wall Not Available Not Available Not Available Not Available mount kit available in the future Security Lock Yes Not Available Not Available Not Available Not Available Slot for Physical Security Technical Specifications Memory 256 MB 256 MB 512 MB 1GB 4GB Minimum 64 MB 64 MB 64 MB 64 MB 64 MB System Flash System Bus Multibus Multibus architecture Multibus Multibus Multibus architecture architecture architecture architecture Environmental Operating Ranges Operating Temperature 32 to 1042F 0 to 40 C 32 to 104 F 0 to 40 C Relative humidity 5 to 95 percent noncondensing 5 to 95 percent noncondensing Altitude Designed and tested for 0 to 9840 ft
23. ition includes 25 IPsec VPN peers 25 SSL VPN peers 50 firewall users 8 port Fast Ethernet switch ASA5505 SSL25 K9 Cisco ASA 5510 SSL IPsec VPN Edition includes 250 IPsec VPN peers 50 SSL VPN peers firewall services 3 Fast Ethernet interfaces ASA5510 SSL50 K9 Cisco ASA 5510 SSL IPsec VPN Edition includes 250 IPsec VPN peers 100 SSL VPN 100 peers firewall services 3 Fast Ethernet interfaces ASA5510 SSL100 K9 Cisco ASA 5510 SSL IPsec VPN Edition includes 250 IPsec VPN peers 250 SSL VPN peers firewall services 3 Fast Ethernet interfaces ASA5510 SSL250 K9 Cisco ASA 5520 SSL IPsec VPN Edition includes 750 IPsec VPN peers 500 SSL VPN peers firewall services 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5520 SSL500 K9 Cisco ASA 5540 SSL IPsec VPN Edition includes 5000 IPsec VPN peers 1000 SSL VPN peers firewall services 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5540 SSL1000 K9 Cisco ASA 5540 SSL IPsec VPN Edition includes 5000 IPsec VPN peers 2500 SSL VPN peers firewall services 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5540 SSL2500 K9 Cisco ASA 5550 SSL IPsec VPN Edition includes 5000 IPsec VPN peers 2500 SSL VPN peers firewall services 8 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5550 SSL2500 K9 Cisco ASA 5550 SSL IPsec VPN Edition includes 5000 IPsec VPN peers 5000 SSL VPN peers firewall services 8 Gigabit Ethe
24. latforms and modules that feature IPS functionality SMARTnet and Service Provider Base support other products in this family 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 18 of 19 Data Sheet oT For More Information For more information please visit the following links e Cisco ASA 5500 Series Adaptive Security Appliance http www cisco com go asa e Cisco Adaptive Security Device Manager http www cisco com go asdm e Cisco Security Services http www cisco com en US products svcs ps2961 ps2952 serv_group home html ajrali AMG iss Heede lsat alz Poot le Hearckyuertars Eepe reas quarters l 5 Clee Syair ne Giso Systoma USA e fei Circe Syatoma Iniomelianel PY Gari uosa CA Singecore Arnaiarday Tha Netherlancs co has Tore thas 2700 offices worsiw de Addresses phos num bers and fax num bes are listei om tie Cisco Weare ai wwecikoo coma Switch Sveti Certa Feat hoaia k Arator Nota Hobex loge arn rogincerad y Linke an The Tospaciive wrens Toe wee of iha wat parina neau nod imaly e paray yl tie ralecoratic banwoan Ciega ard ery ohar uongeny 030I All other uacomerks reorsiented inthis doc meri or Wians are die Printed in USA C78 345385 08 04 08 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 19 of 19
25. ld HTTP 20 Gbps jumbo frames jumbo frames 3DES AES VPN Throughput 1 Gbps 1 Gbps 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 10 of 19 Data Sheet a Feature Cisco ASA 5580 20 Cisco ASA 5580 40 IPsec VPN Peers 10 000 10 000 SSL VPN Peers 2 10 000 2 10 000 Concurrent Connections 1 000 000 2 000 000 New Connections Second 90 000 150 000 Packets Second 64 byte 2 500 000 4 000 000 Integrated Network Ports 2 Gigabit Ethernet management 2 Gigabit Ethernet management Interface Card Slots 6 6 Interface Card Options e 4 Port 10 100 1000 RJ45 e 4 Port Gigabit Ethernet fiber SR LC e 2 Port 10Gigabit Ethernet fiber SR LC 4 Port 10 100 1000 RJ45 e 4 Port Gigabit Ethernet fiber SR LC e 2 Port 10Gigabit Ethernet fiber SR LC Virtual Interfaces 100 250 100 250 Security Contexts 2 50 2 50 High Availability Active Active and Active Standby Active Active and Active Standby Redundant Power Supported second power supply optional Supported second power supply optional Interface Expansion 6 interface expansion card slots 6 interface expansion card slots USB 2 0 Ports 2 2 Serial Ports 1 Ru 45 console 1 RJ 45 console Rack Mountable Yes rails included Yes rails included Technical Specifications Memory 8 GB
26. liance scales with businesses as their network security requirements grow delivering exceptional investment protection and services scalability The advanced network and application layer security services and content security defenses provided by the Cisco ASA 5540 Adaptive Security Appliance can be extended by deploying the AIP SSM for high performance intrusion prevention and worm mitigation Businesses can scale their SSL and IPsec VPN capacity to support a larger number of mobile workers remote sites and business partners Businesses can scale up to 2500 SSL VPN peers 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 5 of 19 Data Sheet a on each Cisco ASA 5540 by installing an SSL VPN upgrade license 5000 IPsec VPN peers are supported on the base platform VPN capacity and resiliency can also be increased by taking advantage of the Cisco ASA 5540 s integrated VPN clustering and load balancing capabilities The Cisco ASA 5540 supports up to 10 appliances in a cluster supporting a maximum of 25 000 SSL VPN peers or 50 000 IPsec VPN peers per cluster Using the optional security context capabilities of the Cisco ASA 5540 Adaptive Security Appliance businesses can deploy up to 50 virtual firewalls within an appliance to enable compartmentalized control of security policies on a per department or per customer basis and deliver reduced overall management and support costs Table 4 lists fe
27. liances in acluster supporting a maximum of 2500 SSL VPN peers or 2500 IPsec VPN peers per cluster Table 2 lists features of the Cisco ASA 5510 Table 2 Cisco ASA 5510 Adaptive Security Appliance Platform Capabilities and Capacities Feature Description Firewall Throughput Up to 300 Mbps Maximum Firewall and IPS Throughput e Up to 150 Mbps with AIP SSM 10 Up to 300 Mbps with AIP SSM 20 VPN Throughput Up to 170 Mbps Concurrent Sessions 50 000 130 000 IPsec VPN Peers 250 SSL VPN Peer License Levels 10 25 50 100 or 250 Security Contexts Up to 5 Interfaces Five Fast Ethernet ports 2 Gigabit Ethernet 3 Fast Ethernet Virtual Interfaces VLANs 50 100 Scalability VPN clustering and load balancing High Availability Not supported Active Active Active Standby Separately licensed feature includes two with the base system Separately licensed feature includes two with the Cisco ASA 5510 Security Plus license Upgrade available with Cisco ASA 5510 Security Plus license Cisco ASA 5520 Adaptive Security Appliance The Cisco ASA 5520 Adaptive Security Appliance delivers security services with Active Active high availability and Gigabit Ethernet connectivity for medium sized enterprise networks in a modular high performance appliance With four Gigabit Ethernet interfaces and support for up to 100 VLANs businesses can easily deploy the Cisco ASA 5520 into multiple
28. ncludes 8 port Fast Ethernet switch 25 ASA5505 SEC BUN K9 IPsec VPN peers 2 SSL VPN peers DMZ stateless Active Standby high availability 3DES AES license Cisco ASA 5510 Firewall Edition includes 3 Fast Ethernet interfaces 250 IPsec VPN peers 2 ASA5510 BUN K9 SSL VPN peers 3DES AES license Cisco ASA 5510 Firewall Edition includes 3 Fast Ethernet interfaces 250 IPsec VPN peers 2 ASA5510 K8 amp SSL VPN peers DES license Cisco ASA 5510 Security Plus Firewall Edition includes 2 Gigabit Ethernet 3 Fast Ethernet ASA5510 SEC BUN K9 interfaces 250 IPsec VPN peers 2 SSL VPN peers Active Standby high availability 3DES AES license Cisco ASA 5520 Firewall Edition includes 4 Gigabit Ethernet interfaces 1 Fast Ethernet ASA5520 BUN K9 interface 750 IPsec VPN peers 2 SSL VPN peers Active Active and Active Standby high availability 3DES AES license Cisco ASA 5520 Firewall Edition includes 4 Gigabit Ethernet interfaces 1 Fast Ethernet ASA5520 K8 interface 750 IPsec VPN peers 2 SSL VPN peers Active Active and Active Standby high availability DES license Cisco ASA 5540 Firewall Edition includes 4 Gigabit Ethernet interfaces 1 Fast Ethernet ASA5540 BUN K9 interface 5000 IPsec VPN peers 2 SSL VPN peers 3DES AES license Cisco ASA 5540 Firewall Edition includes 4 Gigabit Ethernet interfaces 1 Fast Ethernet ASA5540 K8 interface 5000 IPsec VPN peers 2 SSL VPN peers DES license Cisco ASA 5550 Firewall
29. nlimited Unlimited unlimited Firewall Up to 150 Mbps Up to 300 Mbps Up to 450 Mbps Up to 650 Mbps Up to 1 2 Gbps Throughput Maximum Not available e Up to 150 Mbps e Up to 225 Mbps Up to 500 Mbps Not available Firewall and IPS with AIP SSM 10 with AIP SSM with AIP SSM Throughput e Up to 300 Mbps 10 20 with AIP SSM 20 Up to 375 Mbps Up to 650 Mbps with AIP SSM with AIP SSM 20 40 Up to 450 Mbps with AIP SSM 40 3DES AES VPN Upto 100 Mbps Up to 170 Mbps Up to 225 Mbps Up to 325 Mbps Up to 425 Mbps Throughput IPsec VPN Peers 10 25 250 750 5000 5000 SSL VPN Peers 2 25 2 250 2 750 2 2500 2 5000 Included Maximum Concurrent 10 000 25 000 50 000 130 000 280 000 400 000 650 000 Connections New 4000 9000 12 000 25 000 36 000 Connections Second Integrated 8 port Fast 5 Fast Ethernet 4 Gigabit Ethernet 4 Gigabit Ethernet 8 Gigabit Ethernet Network Ports Ethernet switch including 2 PoE ports ports 2 Gigabit Ethernet 3 Fast Ethernet ports 1 Fast Ethernet 1 Fast Ethernet 4 SFP Fiber 1 Fast Ethernet 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 8 of 19 Data Sheet a Feature Cisco ASA 5505 Cisco ASA 5510 Cisco ASA 5520 Cisco ASA 5540 Cisco ASA 5550 Virtual Interfaces 3 no trunking 50 100 150 200 250 VLANs support 20 with trunking support Security 0 0 0 0 Bas
30. on combines a focused set of Cisco ASA 5500 Series services such as firewall SSL and IPsec VPN IPS and content security services to meet the needs of specific environments within the enterprise network By ensuring the security needs of each location are met the overall network security posture is raised Figure 1 Cisco ASA 5500 Series Adaptive Security Appliances The Cisco ASA 5500 Series helps businesses more effectively and efficiently protect their networks while delivering exceptional investment protection through the following key elements e Market proven security and VPN capabilities Full featured high performance firewall intrusion prevention IPS content security and Secure Sockets Layer IP Security SSL IPsec VPN technologies deliver robust application security user and application based access control worm and virus mitigation malware protection content filtering and remote user site connectivity e Extensible services architecture Taking advantage of a modular services processing and policy framework offered by the Cisco ASA 5500 Series businesses can apply specific security and network services on a per traffic flow basis delivering highly granular policy controls and a wide range of protective services with streamlined traffic processing The 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 1 of 19 Data Sheet efficiencies of this policy framework
31. opper or fiber connectivity for each of the four ports providing flexibility for data center campus or enterprise edge connectivity with a maximum of four ports in service concurrently The module extends the I O profile of the Cisco ASA 5500 Series to a total of five Fast Ethernet and four Gigabit Ethernet ports on the Cisco ASA 5510 and eight Gigabit Ethernet ports and one Fast Ethernet port on Cisco ASA 5520 and 5540 appliances Table 11 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 14 of 19 Data Sheet Table 11 Characteristics of Cisco ASA 5500 Series 4 Port Gigabit Ethernet SSM Feature Cisco ASA 5500 Series 4 Port GE SSM Technical Specifications Integrated LAN Ports Four 10 100 1000BASE T RJ Integrated SFP Ports Four Gigabit Ethernet Optical SFP 1000BASE SX or LX LH transceiver supported Environmental Operating Ranges Operating Temperature 32 to 104 F 0 to 40 C Relative humidity 5 to 95 percent noncondensing Nonoperating Temperature 13 to 158 F 25 to 70 C Power consumption 25W maximum Physical Specifications Dimensions H x W x D 1 70 x 6 80 x 12 25 in 4 32 x 17 27 x 31 12 cm Weight with Power Supply 2 00 Ib 0 91 kg Regulatory and Standards Compliance Safety UL 60950 CSA C22 2 No 60950 EN 60950 IEC 60950 AS NZS60950 Electromagnetic CE marking FCC Part 15 Cla
32. r UTP 4 pair um um Power Consumption 4 95 W 3 3V 1 5 A 4 95 W 3 3V 1 5 A 14 W 12V 1 17 A 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 15 of 19 Data Sheet oT Feature Cisco ASA 5580 4 Port Gigabit Cisco ASA 5580 4 Port Cisco ASA 5580 2 Port Ethernet Copper Gigabit Ethernet Fiber 10Gigabit Ethernet Fiber Physical Specifications Weight Approx 1lb Approx 1lb Approx 1b Ordering Information To place an order visit the Cisco Ordering Home Page Table 13 provides ordering information for the Cisco ASA 5500 Series Table 13 Ordering Information Product Name Part Number Cisco ASA 5500 Series Firewall Edition Bundles Cisco ASA 5505 10 User Bundle includes 8 port Fast Ethernet switch 10 IPsec VPN peers 2 ASA5505 BUN K9 SSL VPN peers Triple Data Encryption Standard Advanced Encryption Standard 3DES AES license Cisco ASA 5505 10 User Bundle includes 8 port Fast Ethernet switch 10 IPsec VPN peers 2 ASA5505 K8 amp SSL VPN peers Data Encryption Standard DES license Cisco ASA 5505 50 User Bundle includes 8 port Fast Ethernet switch 10 IPsec VPN peers 2 ASA5505 50 BUN K9 SSL VPN peers 3DES AES license Cisco ASA 5505 Unlimited User Bundle includes 8 port Fast Ethernet switch 10 IPsec VPN ASA5505 UL BUN K9 peers 2 SSL VPN peers 3DES AES license Cisco ASA 5505 Unlimited User Security Plus Bundle i
33. rnet interfaces 1 Fast Ethernet interface ASA5550 SSL5000 K9 Cisco ASA 5580 SSL IPsec VPN Edition includes 10 000 IPsec VPN peers 10 000 SSL VPN peers firewall services 4 Gigabit Ethernet interfaces 2 management interfaces Dual AC power 8DES AES license ASA5580 20 10K K9 Security Services Modules Cisco ASA Advanced Inspection and Prevention Security Services Module 10 ASA SSM AIP 10 K9 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 17 of 19 Data Sheet a Product Name Part Number Cisco ASA Advanced Inspection and Prevention Security Services Module 20 ASA SSM AIP 20 K9 Cisco ASA Content Security and Control Security Services Module 10 with 50 user antivirus anti ASA SSM CSC 10 K9 spyware 1 year subscription Cisco ASA Content Security and Control Security Services Module 20 with 500 user antivirus anti ASA SSM CSC 20 K9 spyware 1 year subscription Cisco ASA 4 Port Gigabit Ethernet Security Services Module SSM 4GE Cisco ASA 5580 Series Interface Expansion Cards Cisco ASA 5580 4 port 10 100 1000 Ethernet interface card RJ45 ASA5580 4GE CU Cisco ASA 5580 4 port Gigabit Ethernet fiber interface card SR LC ASA5580 4GE Fl Cisco ASA 5580 2 port 10 Gigabit Ethernet fiber interface card SR LC ASA5580 2X10GE SR Cisco ASA 5500 Series Software Cisco ASA Software one time upgrade for nonsupport cu
34. scalability Businesses can scale their SSL and IPsec VPN capacity to support a larger number of mobile workers remote sites and business partners Businesses can scale up to 5000 SSL VPN peers on each Cisco ASA 5550 by installing an SSL VPN upgrade license 5000 IPsec VPN peers are supported on the base platform VPN capacity and resiliency can also be increased by taking advantage of the Cisco ASA 5550 s integrated VPN clustering and load balancing capabilities The Cisco ASA 5550 supports up to 10 appliances in a cluster supporting a maximum of 50 000 SSL VPN peers or 50 000 IPsec VPN peers per cluster Using the optional security context capabilities of the Cisco ASA 5550 Adaptive Security Appliance businesses can deploy up to 50 virtual firewalls within an appliance to enable compartmentalized control of security policies on a per department or per customer basis and deliver reduced overall management and support costs 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 6 of 19 Data Sheet a Note The system provides a total of 12 Gigabit Ethernet ports of which only 8 can be in service at any time Businesses can choose between copper or fiber connectivity providing flexibility for data center campus or enterprise edge connectivity Table 5 lists features of the Cisco ASA 5550 Table 5 Cisco ASA 5550 Adaptive Security Appliance Platform Capabilities and Capacities Feature
35. sco Public Information Page 16 of 19 Data Sheet oT Product Name Part Number Cisco ASA 5580 40 Firewall Edition 8 Gigabit Ethernet Bundle includes 8 Gigabit Ethernet interfaces 2 management interfaces 5000 IPsec VPN peers 2 SSL VPN peers Dual AC power 83DES AES license ASA5580 40 8GE K9 Cisco ASA 5580 40 Firewall Edition 4 10Gigabit Ethernet Bundle includes 4 10Gigabit Ethernet interfaces 2 management interfaces 5000 IPsec VPN peers 2 SSL VPN peers Dual AC power 3DES AES license ASA5580 40 10GE K9 Cisco ASA 5500 Series IPS Edition Bundles Cisco ASA 5510 IPS Edition includes AIP SSM 10 firewall services 250 IPsec VPN peers 2 SSL VPN peers 5 Fast Ethernet interfaces ASA5510 AIP10 K9 Cisco ASA 5520 IPS Edition includes AIP SSM 10 firewall services 750 IPsec VPN peers 2 SSL VPN peers 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5520 AIP10 K9 Cisco ASA 5520 IPS Edition includes AIP SSM 20 firewall services 750 IPsec VPN peers 2 SSL VPN peers 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5520 AIP20 K9 Cisco ASA 5520 IPS Edition includes AIP SSM 40 firewall services 750 IPsec VPN peers 2 SSL VPN peers 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA5520 AIP40 K9 Cisco ASA 5540 IPS Edition includes AIP SSM 20 firewall services 5000 IPsec VPN peers 2 SSL VPN peers 4 Gigabit Ethernet interfaces 1 Fast Ethernet interface ASA
36. ss A AS NZS CISPR22 Class A VCCI Class A EN55022 Class Compatibility EMC A CISPR22 Class A EN61000 3 2 EN61000 3 3 Cisco ASA 5580 Security Appliance Interface Cards The Cisco ASA 5580 Adaptive Security Appliances are designed for ultimate interface flexibility and density with six interface card expansion slots supporting up to 24 Gigabit Ethernet ports 12 10Gigabit Ethernet ports or combinations thereof These exceptional interface densities enable advanced security applications including full mesh high availability multiple DMZs virtual firewalls and managed security Gigabit Ethernet interfaces are available in 4 port copper or fiber configurations and 10Gigabit Ethernet is available in a 2 port fiber configuration Gigabit Ethernet and 10Gigabit Ethernet fiber interfaces feature integrated short range optics SR and an LC connector Table 12 Table 12 Characteristics of Cisco ASA 5580 Series Interface Cards Feature Cisco ASA 5580 4 Port Gigabit Cisco ASA 5580 4 Port Cisco ASA 5580 2 Port Ethernet Copper Gigabit Ethernet Fiber 10Gigabit Ethernet Fiber Integrated 4 0 0 10 100 1000 Ports Integrated 1000BASE 0 4 with integrated short range 0 SX Ports optics LC connector Integrated fiber 10 0 0 2 with integrated short range Gigabit Ethernet optics LC connector Ports Wiring Support Category 5 unshielded twisted Multimode fiber 62 5 um or 50 Multimode fiber 62 5 um or 50 pai
37. stomers ASA SW UPGRADE Cisco ASA 5500 Series Accessories Cisco ASA 5500 Series compact flash 256 MB ASA5500 CF 256MB Cisco ASA 5500 Series compact flash 512 MB ASA5500 CF 512MB Cisco ASA 180W AC power supply ASA 180W PWR AC Gigabit Ethernet optical SFP connector 1000BASE SX short wavelength transceiver GLC SX MM Gigabit Ethernet optical SFP connector 1000BASE LX LH long wavelength long haul transceiver GLC LH SM Cisco ASA 5580 Spare AC Power Supply ASA5580 PWR AC Cisco ASA 5580 Spare Rail Kit ASA5580 RAILS To Download the Software Visit the Cisco Software Center to download Cisco ASA Software Service and Support Cisco services help you protect your network investment optimize network operations and prepare your network for new applications to extend network intelligence and the power of your business Included in the Operate phase of the lifecycle are Cisco Security Intellishield Alert Manager Service SMARTnet Service Provider Base and Cisco Services for IPS These services are suitable for Enterprise Commercial and Services Provider customers Cisco Security Intellishield Alert Manager Service provides a customizable web based threat and vulnerability alert service that allows organizations to easily access timely accurate and credible information about potential vulnerabilities in their environment Cisco Services for IPS supports modules platforms and bundles of p
38. tivity The result is a powerful multifunction network security appliance family that provides the security breadth and depth for protecting small and medium sized business SMB enterprise and service provider networks while reducing the overall deployment and operations costs and complexities associated with providing this new level of security Through its unique Modular Policy Framework MPF the Cisco ASA 5500 Series brings a new level of security and policy control to applications and networks MPF allows businesses to adapt and extend the profile of the Cisco ASA 5500 Series through highly customizable flow specific security policies tailored to application requirements while providing performance and extensibility through user installable SSMs This adaptable architecture enables businesses to rapidly deploy security services when and where they are needed such as tailoring inspection techniques to specific application and user needs or adding additional intrusion prevention and content security such as those delivered by the Adaptive Inspection and Prevention AIP and Content Security and Control CSC SSM Furthermore the modular hardware architecture of the Cisco ASA 5500 Series along with flexible MPF enables the integration of future network and security extending the outstanding investment protection provided by the Cisco ASA 5500 Series and allowing businesses to adapt their network defenses to new threats as they arise All Cisco
39. ulting in total confidence in the provided protection of the deployed IPS solution without the fear of legitimate traffic being dropped The AIP SSM also offers comprehensive network protection through its unique ability to collaborate with other network security resources providing a proactive approach to protecting the network It uses accurate inline prevention technologies that provide unparalleled confidence to take preventive action on a broader range of threats without the risk of dropping legitimate traffic These unique technologies offer intelligent automated contextual analysis of data and help ensure that businesses are getting the most out of their intrusion prevention solutions Furthermore the AIP SSM uses multivector threat identification to protect the network from policy violations vulnerability exploitations and anomalous activity through detailed inspection of traffic in Layers 2 through 7 Table 9 details the two AIP SSM models that are available and their respective performance and physical characteristics 2008 Cisco Systems Inc All rights reserved This document is Cisco Public Information Page 12 of 19 Data Sheet Table 9 Characteristics of Cisco ASA 5500 Series AIP SSMs Feature Cisco ASA 5500 Series AIP Cisco ASA 5500 Series AIP Cisco ASA 5500 Series AIP SSM 10 SSM 20 SSM 40 Concurrent Threat e 150 Mbps with Cisco ASA 300 Mbps with Cisco ASA 450 Mbps with Cisco ASA Mitigation 5510 55
Download Pdf Manuals
Related Search