Cisco ASA 5500 Series IPS Solution

Similar documents
Cisco ASA 5500 Series Adaptive Security Appliances

The Cisco ASA 5500 Series Adaptive Security Appliances

Cisco SR 520-T1 Secure Router

ASA5525-FPWR-K9 Datasheet. Overview. Check its price: Click Here. Quick Specs

Cisco ASA 5500 Series IPS Edition for the Enterprise

Cisco NAC Network Module for Integrated Services Routers

Cisco IPS AIM and IPS NME for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

Cisco 3900 Series Router Datasheet

Cisco ASA with FirePOWER Services

Symantec Network Security 7100 Series

Cisco Firepower 9300 Security Appliance

ASA5508-FTD-K9. ASA 5508-X with Firepower Threat Defense. 8GE. AC. 450 Mbps. 250 Mbps. 1 Gbps. 500 Mbps. 100 Mbps. Unlimited

Cisco ACE30 Application Control Engine Module

Cisco ASA with FirePOWER Services

Cisco 3300 Series Mobility Services Engine. Open, Appliance-Based Platform for Delivering Mobility Services

Cisco Intrusion Prevention Solutions

Network Capacity Expansion System

Cisco Catalyst 6500 Series VPN Services Port Adapter

Cisco ASA Software Release 8.2

Appliance Comparison Chart

Snort: The World s Most Widely Deployed IPS Technology

Cisco VPN Internal Service Module for Cisco ISR G2

Cisco Nexus 7000 Switches Second-Generation Supervisor Modules Data Sheet

Cisco Mobility Services Engine: An Open, Appliance-Based Platform for Delivering Mobility Services

Cisco Nexus 7000 Switches Supervisor Module

McAfee Network Security Platform

Clean wireless. High-performance clean wireless solutions

Cisco ASA with FirePOWER Services

Cisco RF Gateway 10 Supervisor Engine V-10GE

Cisco 2900 Series Router Datasheet

Enhanced Performance, Versatility, High Availability, and Reliability at the Provider Edge.

Cisco 3300 Series Mobility Services Engine

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS NETWORK SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Cisco UCS B460 M4 Blade Server

Extending Performance, Versatility, and Reliability at the Provider Edge

McAfee Network Security Platform

Cisco Nexus 7000 Series Supervisor Module

Cisco Catalyst 4500 Series Line Cards

Juniper Networks IDP 75/250/800/8200

Cisco ASR 9001 Router

Next-Generation Firewall Series Datasheet

Cisco UCS B230 M2 Blade Server

Cisco 1-Gbps Wideband Shared Port Adapter for the Cisco ubr10012 Universal Broadband Router

Cisco Content Delivery Engine 280 for TV Streaming

Enhanced Performance, Versatility, High Availability, and Reliability at the Provider Edge

Cisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions

Cisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer

Delivers fast, accurate data about security threats:

Future-ready security for small and mid-size enterprises

Cisco Video Management and Storage System Network Module

Cisco Integrated Services Routers 1941 Series Datasheet

Networking Drivers & Trends

Cisco IOS Inline Intrusion Prevention System (IPS)

Data Sheet. DPtech IPS2000 Series Intrusion Prevention System. Overview. Series IPS2000-MC-N. Features

NETWORK SECURITY STORMSHIELD. Unified Threat Management Solutions and Next- Generation Firewalls

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

NetDefend UTM Firewall Series

Aruba 7000 Series Mobility Controller Data Sheet

ARUBA 7000 SERIES MOBILITY CONTROLLER

Cisco Secure Network Server

Cisco RV110W Wireless-N VPN Firewall

Cisco SCE 2020 Service Control Engine

Data Sheet. DPtech Anti-DDoS Series. Overview. Series

ARUBA 7000 SERIES MOBILITY CONTROLLER

Cisco Secure Network Server

Cisco Nexus 9500 Platform Switches for Cisco Application Centric Infrastructure

Cisco 2-, 5-, 8-, and 10-Port Gigabit Ethernet Shared Port Adapters, Version 2

Cisco RV180 VPN Router

SteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)

SECURITY FOR SMALL BUSINESSES

IPS-1 Robust and accurate intrusion prevention

Cisco Self Defending Network

Behavior-Based IDS: StealthWatch Overview and Deployment Methodology

QuickSpecs. Models HP TippingPoint S8010F Next Generation Firewall Appliance

Cisco UCS C210 M1 General-Purpose Rack-Mount Server

N-Dimension n-platform 340S Unified Threat Management System

A Unified Threat Defense: The Need for Security Convergence

Cisco SA 500 Series Security Appliances

Cisco ASR 9000 Series 4-Port and 8-Port 100 Gigabit Ethernet Line Cards

Cisco Nexus 9500 Series Switches

NSG50/100/200 Nebula Cloud Managed Security Gateway

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Compare Security Analytics Solutions

Cisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics

Cisco Edge 300 Series

The SonicWALL PRO Series

XSR 1800 Series Security Router for Branch Offices

Cisco Nexus 9500 Platform Switches for Cisco Application Centric Infrastructure

Meraki Z-Series Cloud Managed Teleworker Gateway

Cisco Adaptive Wireless Intrusion Prevention System: Protecting Information in Motion

Cisco UCS C210 M2 General-Purpose Rack-Mount Server

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Threat Control and Containment in Intelligent Networks. Philippe Roggeband - Product Manager, Security, Emerging Markets

Cisco UCS C200 M2 High-Density Rack-Mount Server

Cisco Series Performance Routing Engine 4

Cisco Edge 300 Series

IDP SERIES INTRUSION DETECTION AND PREVENTION APPLIANCES (IDP75, IDP250, IDP800, IDP8200)

4 PWR XL: Catalyst 3524 PWR XL Stackable 10/100 Ethernet

ARUBA 7000 SERIES CLOUD SERVICES CONTROLLER

Cisco 7600 Series Route Switch Processor 720

Transcription:

Cisco ASA 5500 Series IPS Product Overview As mobile devices and Web 2.0 applications proliferate, it becomes harder to secure corporate perimeters. Traditional firewall and intrusion prevention system (IPS) solutions are not enough to keep up with the fast-changing threat landscape. The Cisco ASA 5500 Series IPS provides superior real-time protection for your critical information assets, using innovative IPS with Global Correlation, firewall, and VPN technology. The Cisco ASA 5500 Series IPS delivers intrusion prevention capabilities using a range of hardware-accelerated IPS modules, cards, and security services processors. IPS technology extends firewall protection by blocking threats such as worms, Trojans, viruses, distributed denial of service attacks, reconnaissance attacks, and attacks against operating system and application vulnerabilities. Cisco IPS with Global Correlation increases the efficacy of traditional IPS. With updates every five minutes, Cisco IPS with Global Correlation provides the fastest and most accurate threat protection with real-time global intelligence from Cisco IPS, firewall, email, and web appliances. In addition to securing your network, the Cisco ASA 5500 Series IPS also helps you meet compliance mandates. Whether your mandate is the Payment Card Industry (PCI) standard in retail, the Federal Financial Institutions Examination Council (FFIEC) in banking, or the Health Insurance Portability and Accountability Act (HIPAA) in healthcare, the Cisco ASA 5500 Series IPS helps ensure that your network is safe and your compliance requirements are met. Figure 1. Cisco ASA 5500 Series IPS Features and Benefits The Cisco ASA 5500 Series IPS delivers high performance and powerful security protection in a single easy-to-deploy platform (Figure 1). Superior Security Protection The Cisco ASA 5500 Series IPS counteracts threats before they enter your network. Whether you have an IPv6 network, IPv4 network, or hybrid IPv6 and IPv4 network, the solution provides: Wide-ranging IPS capabilities: The Cisco ASA 5500 Series IPS delivers all the IPS capabilities available on Cisco IPS 4200 Series Sensors. The ASA 5500 Series IPS technology can be deployed inline in the traffic path or in promiscuous mode, in which a copy of the traffic is sent to the IPS for inspection. The Cisco ASA 5500 Series IPS provides protection against tens of thousands of known attacks. And with Cisco anomaly detection and Global Correlation, your network can be protected against day-zero threats before signature updates are available. Global Correlation: Cisco Global Correlation provides real-time updates on the global threat environment beyond your perimeter by adding reputation analysis, reducing the window of threat exposure, and providing 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 8

continuous feedback. With these new capabilities, Cisco IPS sensors can detect more threats, detect them earlier and more accurately, and protect critical assets from malicious attacks. Comprehensive and timely attack protection: The Cisco ASA 5500 Series IPS delivers protection against tens of thousands of known exploits and millions more potential unknown exploit variants using specialized IPS detection engines and thousands of signatures. Cisco Services for IPS provides signature updates through a global intelligence team working 24 hours a day to help ensure that you are protected against the latest threats. Zero-day attack protection: The Cisco ASA 5500 Series IPS provides powerful protection against zero-day attacks. Cisco anomaly detection learns the normal behavior on your network and alerts you when it sees anomalous activities in your network. Cisco anomaly protection helps protect you against new threats even before signatures are available. Application inspection and control: The application inspection engines in the Cisco ASA 5500 Series IPS provide granular control of who and what can enter the network. You can prevent access to potentially dangerous URLs, block rogue callers, and use blacklists to stop infected file attachments from entering your network. Wireless protection: The Cisco ASA 5500 Series IPS is tightly integrated with the Cisco Wireless LAN Controller to help keep intruders out of your wireless network. The Cisco Wireless LAN Controller blocks intruders based on real-time threat intelligence from the Cisco ASA 5500 Series IPS. Unified Communications protection: Strong protection of voice-over-ip (VoIP) protocols, and Cisco Unified Communications Manager helps ensure the constant uptime of your critical voice network. The Cisco ASA 5500 Series IPS uses dedicated voice engines and comprehensive voice signatures to protect your voice network from intruders and attacks. High Performance The Cisco ASA 5500 Series IPS is hardware-accelerated to provide the highest level of performance without negatively affecting firewall or VPN throughput. With the Cisco IPS Security Services Processors, the Cisco ASA 5500 Series IPS can achieve up to 10 Gbps of IPS throughput. Today, almost every important application uses the Internet. VoIP, e-commerce, streaming video, and Web 2.0 applications enable higher productivity and employee collaboration. These networked applications pose different and varying demands on resources such as connection rates, concurrent connections, flow length, and transaction size. From a performance perspective, the spectrum of application types ranges from media-rich environments that feature converged content to highly transactional environments populated by rapid-fire, lightweight connections. The Cisco ASA 5500 Series IPS is optimized for both media-rich and transactional environments. Advanced Policy Provisioning Policy provisioning simplifies management, reduces chances of mistakes, and allows you to focus on important tasks at hand. With the Cisco ASA 5500 Series IPS, you can apply unified policies with the Cisco Modular Policy Framework (MPF) and assign IPS policies within the Cisco IPS technology: Cisco Modular Policy Framework: The Cisco MPF provides a powerful mechanism to assign Cisco ASA firewall, VPN, and IPS policies in one place. With the Cisco MPF, the Cisco ASA firewall passes traffic to the IPS for inspection on a flow-by-flow, as-needed basis. Cisco IPS policy provisioning: For IPS policy provisioning, Cisco IPS technologies are the only products that provide Risk Rating-based policy provisioning. Instead of tuning individual signatures, you assign IPS policies based on risk. All events are assigned a Risk Rating number between 0 and 100 based on the risk 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 8

level of the event. Based on the Risk Rating, different policy actions can be assigned, such as drop packet, alarm, and log. Flexible Management Cisco can provide the right management solutions for you, whether you have five Cisco ASA 5500 Series IPS devices or thousands. Cisco Security Management Suite: The Cisco Security Management Suite is a powerful management application suite that scales up to thousands of devices and helps you manage the IPS, firewall, and VPN capabilities of your Cisco ASA 5500 Series IPS. The suite includes Cisco Security Manager and the Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS). With Cisco Security Manager, you can, at one click, apply security policies or perform software updates to hundreds or thousands of Cisco ASA appliances. Cisco Security MARS can collect and correlate data from the Cisco ASA 5500 Series IPS and other security devices to identify problems and recommend corrective actions. Cisco IPS Manager Express: An all-in-one IPS management and reporting application for small deployments, Cisco IPS Manager Express enables you to provision, monitor, troubleshoot, and provide reports on up to five Cisco IPS devices. A customizable dashboard with more than 10 drag-and-drop gadgets allows you to personalize it to your needs (Figure 2). Figure 2. Cisco IPS Manager Express Table 1 provides Cisco ASA 5500 Series IPS specifications. Table 1. Cisco ASA 5500 Series IPS Specifications Feature Cisco ASA 5505 IPS (base license/security plus license) Cisco ASA 5510 IPS (base license/security plus license) Cisco ASA 5520 IPS Cisco ASA 5540 IPS IPS Maximum IPS throughput 75 Mbps with AIP-SSC-5 150 Mbps with AIP-SSM-10 225 Mbps with AIP-SSM-10 375 Mbps with AIP-SSM-20 450 Mbps with AIP-SSM-40 500 Mbps with AIP-SSM-20 650 Mbps with AIP-SSM-40 Threat protection 25,000+ threats 25,000+ threats 25,000+ threats 25,000+ threats Zero-day protection with anomaly detection No Yes Yes Yes Custom signature support No Yes Yes Yes Virtual sensors 1 4 4 4 Firewall Maximum firewall 150 300 450 650 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 8

Feature throughput (Mbps) Cisco ASA 5505 IPS (base license/security plus license) Cisco ASA 5510 IPS (base license/security plus license) Cisco ASA 5520 IPS Cisco ASA 5540 IPS Maximum firewall connections 10,000/25,000 50,000/130,000 280,000 400,000 VPN Maximum Triple Data Encryption Standard/Advanced Encryption Standard (3DES/AES) VPN throughput (Mbps) Maximum site-to-site and remote-access VPN user sessions 100 170 225 325 10/25 250 750 5,000 Maximum SSL VPN user 25 250 750 2,500 sessions 1 Bundled SSL VPN user sessions 2 2 2 2 Table 2 provides Cisco ASA 5500 Series IPS specifications for Cisco 5585 appliances. Table 2. IPS Specifications for Cisco 5585 Appliances Feature Cisco ASA 5585 SSP-10 IPS Cisco ASA 5585 SSP-20 IPS Cisco ASA 5585 SSP-40 IPS Cisco ASA 5585 SSP-60 IPS IPS Maximum IPS throughput 2 Gbps 3 Gbps 5 Gbps 10 Gbps Threat protection 25,000+ threats 25,000+ threats 25,000+ threats 25,000+ threats Day-zero protection with anomaly detection Yes Yes Yes Yes Custom signature support Yes Yes Yes Yes Virtual sensors 4 4 4 4 Firewall Maximum firewall throughput 2 Gbps (real-world HTTP), 5 Gbps (jumbo frames) 5 Gbps (real-world HTTP), 10 Gbps (jumbo frames) 10 Gbps (real-world HTTP), 20 Gbps (jumbo frames) 20 Gbps (real-world HTTP), 40 Gbps (jumbo frames) Maximum firewall connections 2,000,000 3,000,000 4,000,000 8,000,000 VPN Maximum VPN throughput 1 Gbps 2 Gbps 2 Gbps 5 Gbps IPsec VPN peers 5000 10,000 10,000 10,000 SSL VPN peer license levels Up to 5000 Up to 5000 Up to 10,000 Up to 10,000 Table 3 provides Cisco AIP SSM specifications. Table 3. Cisco AIP SSM Specifications Feature Cisco AIP-SSC-5 Cisco AIP-SSM-10 Cisco AIP-SSM-20 Cisco AIP-SSM-40 Technical Specifications Management and monitoring interface Uses host ASA 5505 management interface 1 Ethernet 10/100 port 1 Ethernet 10/100 port 1 Ethernet 10/100/1000 port Memory 512 MB 1 GB 2 GB 4 GB Minimum flash 512 MB 256 MB 256 MB 2 GB 1 Beginning with Cisco ASA Software Release 7.1, SSL VPN (Web VPN) capability requires a license. Systems include 2 SSL VPN users by default for evaluation and remote management purposes 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 8

Feature Cisco AIP-SSC-5 Cisco AIP-SSM-10 Cisco AIP-SSM-20 Cisco AIP-SSM-40 Environmental Operating Ranges Operating Temperature 32 to 104ºF (0 to 40ºC) 32 to 104ºF (0 to 40ºC) 32 to 104ºF (0 to 40ºC) 32 to 104ºF (0 to 40ºC) Relative humidity 5 to 95% noncondensing 5 to 95% noncondensing 5 to 95% noncondensing 5 to 95% noncondensing Nonoperating Temperature -13 to 158ºF (-25 to 70ºC) -13 to 158ºF (-25 to 70ºC) -13 to 158ºF (-25 to 70ºC) -13 to 158ºF (-25 to 70ºC) Relative humidity 5 to 95% noncondensing 5 to 95% noncondensing 5 to 95% noncondensing 5 to 95% noncondensing Altitude 0 to 15,000 ft (4570 m) 0 to 15,000 ft (4570 m) 0 to 15,000 ft (4570 m) 0 to 15,000 ft (4570 m) Power and Mean Time Between Failure Power consumption 30W maximum 90W maximum 90W maximum 90W maximum Mean time between failure (MTBF) 874,070 hours (100 years) 299,588 hours (31 years) 309,296 hours (35 years) 221,679 hours (25 years) Physical Specifications Dimensions (HxWxD) 0.68 x 3.55 x 5,2 in (1.73 x 9.02 x 13.21 cm) 1.70 x 6.80 x 11.00 in. (4.32 x 17.27 x 27.94 cm) 1.70 x 6.80 x 11.00 in. (4.32 x 17.27 x 27.94 cm) 1.70 x 6.80 x 11.00 in. (4.32 x 17.27 x 27.94 cm) Weight 0.42 lb (0.19 kg) 3.00 lb (1.36 kg) 3.00 lb (1.36 kg) 2.58 lb (1.17 kg) Regulatory and Standards Compliance Safety UL 1950, CSA C22.2 No. 950, EN 60950 IEC 60950, AS/NZS3260, TS001 UL 1950, CSA C22.2 No. 950, EN 60950 IEC 60950, AS/NZS3260, TS001 UL 1950, CSA C22.2 No. 950, EN 60950 IEC 60950, AS/NZS3260, TS001 UL 1950, CSA C22.2 No. 950, EN 60950 IEC 60950, AS/NZS3260, TS001 Electromagnetic compatibility (EMC) Class A, AS/NZS 3548 Class A, AS/NZS 3548 Class A, AS/NZS 3548 Class A, AS/NZS 3548 Table 4 provides Cisco IPS SSP specifications. Table 4. Cisco IPS SSP Specifications Cisco IPS SSP-10 Cisco IPS SSP-20 Cisco IPS SSP-40 Cisco IPS SSP-60 Technical Specifications Management and monitoring interface 1 Ethernet 10/100/1000 port 1 Ethernet 10/100/1000 port 1 Ethernet 10/100/1000 port 1 Ethernet 10/100/1000 port Memory 6 GB 12 GB 24 GB 48 GB Minimum flash 2 GB 2 GB 2 GB 2 GB Environmental Operating Ranges Operating Temperature +50F to +95F (+10C to +35C) +50F to +95F (+10C to +35C) +50F to +95F (+10C to +35C) +50F to +95F (+10C to +35C) Relative humidity 10% to 90% (noncondensing) 10% to 90% (noncondensing) 10% to 90% (noncondensing) 10% to 90% (noncondensing) Nonoperating Temperature -40F to +158F (-40C to +70C) -40F to +158F (-40C to +70C) -40F to +158F (-40C to +70C) -40F to +158F (-40C to +70C) Relative humidity 5% to 95% (noncondensing) 5% to 95% (noncondensing) 5% to 95% (noncondensing) 5% to 95% (noncondensing) Altitude 0 to 30,000 ft (9144 m) 0 to 30,000 ft (9144 m) 0 to 30,000 ft (9144 m) 0 to 30,000 ft (9144 m) Power and Mean Time Between Failure Power consumption 30W maximum 30W maximum 30W maximum 30W maximum Mean time between failure (MTBF) 109,887 hrs 102,869 hrs 87,829 hrs 78,136 hrs 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 8

Cisco IPS SSP-10 Cisco IPS SSP-20 Cisco IPS SSP-40 Cisco IPS SSP-60 Physical Specifications Dimensions (HxWxD) 1.70 x 6.80 x 12.25 in. (4.32 x 17.27 x 31.12 cm) 1.70 x 6.80 x 12.25 in. (4.32 x 17.27 x 31.12 cm) 1.70 x 6.80 x 12.25 in. (4.32 x 17.27 x 31.12 cm) 1.70 x 6.80 x 12.25 in. (4.32 x 17.27 x 31.12 cm) Weight 3.00 lb (1.36 kg) 3.00 lb (1.36 kg) 3.00 lb (1.36 kg) 3.00 lb (1.36 kg) Regulatory and Standards Compliance Safety UL 60950, CSA C22.2 No. 60950, EN 60950 IEC 60950, AS/NZS60950 UL 60950, CSA C22.2 No. 60950, EN 60950 IEC 60950, AS/NZS60950 UL 60950, CSA C22.2 No. 60950, EN 60950 IEC 60950, AS/NZS60950 UL 60950, CSA C22.2 No. 60950, EN 60950 IEC 60950, AS/NZS60950 Electromagnetic compatibility (EMC) Class A, AS/NZS CISPR22 Class A, AS/NZS CISPR22 Class A, AS/NZS CISPR22 Class A, AS/NZS CISPR22 Ordering Information To place an order, visit the Cisco Ordering homepage. See Table 5 for ordering information. Table 5. Ordering Information Product Name Part Number Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5505 50-User Adaptive Security Appliance with AIP-SSC-5 (chassis, software, 8 Fast Ethernet interfaces,10 IPsec VPN peers, 2 SSL VPN peers, 3DES/AES license) Cisco ASA 5505 Unlimited-User Adaptive Security Appliance with Security Plus License and AIP-SSC-5 (chassis, software, 8 Fast Ethernet interfaces, 25 IPsec VPN peers, 2 SSL VPN peers, DMZ support, stateless Active/Standby high availability, 3DES/AES license ASA5505-50-AIP5-K9 ASA5505-U-AIP5P-K9 Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance with AIP-SSM-10 (chassis, software, 250 VPN peers, 4 Fast Cisco ASA 5510 Adaptive Security Appliance with Security Plus License and AIP-SSM-10 (chassis, software, 2 Gigabit Ethernet interfaces, 3 Fast Ethernet interfaces, 250 IPsec VPN peers, 2 SSL VPN peers, Active/Active high availability, 3DES/AES) Cisco ASA 5510 Adaptive Security Appliance with Security Plus License and AIP-SSM-20 (chassis, software, 2 Gigabit Ethernet interfaces, 3 Fast Ethernet interfaces, 250 IPsec VPN peers, 2 SSL VPN peers, Active/Active high availability, 3DES/AES) ASA5510-AIP10-K9 ASA5510-AIP10SP-K9 ASA5510-AIP20SP-K9 Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance with AIP-SSM-10 (chassis, software, 750 VPN peers, 4 Gigabit Cisco ASA 5520 Adaptive Security Appliance with AIP-SSM-20 (chassis, software, 750 VPN peers, 4 Gigabit Cisco ASA 5520 Adaptive Security Appliance with AIP-SSM-40 (chassis, software, 750 VPN peers, 4 Gigabit ASA5520-AIP10-K9 ASA5520-AIP20-K9 ASA5520-AIP40-K9 Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance with AIP-SSM-20 (chassis, software, 5000 VPN peers, 4 Gigabit Cisco ASA 5540 Adaptive Security Appliance with AIP-SSM-40 (chassis, software, 5000 VPN peers, 4 Gigabit ASA5540-AIP20-K9 ASA5540-AIP40-K9 Cisco ASA 5585 Adaptive Security Appliances Cisco ASA 5585-X Firewall Edition SSP-10 IPS SSP-10 bundle includes 8 Gigabit Ethernet interfaces, 2 Gigabit Ethernet management interfaces, 5000 IPsec VPN peers, 2 SSL VPN peers, DES license Cisco ASA 5585-X Firewall Edition SSP-10 IPS SSP-10 bundle includes 8 Gigabit Ethernet interfaces, 2 Gigabit Ethernet management interfaces, 5000 IPsec VPN peers, 2 SSL VPN peers, 3DES/AES license Cisco ASA 5585-X Firewall Edition SSP-10 IPS SSP-10 bundle includes 8 Gigabit Ethernet interfaces, 2 10 Gigabit Ethernet SFP+ interfaces, 2 Gigabit Ethernet management interfaces, 5000 IPsec VPN peers, 2 SSL VPN peers, dual AC power, 3DES/AES license Cisco ASA 5585-X Firewall Edition SSP-20 IPS SSP-20 bundle includes 8 Gigabit Ethernet interfaces, 2 Gigabit Ethernet management interfaces, 10,000 IPsec VPN peers, 2 SSL VPN peers, DES license ASA5585-S10P10-K8 ASA5585-S10P10-K9 ASA5585-S10P10XK9 ASA5585-S20P20-K8 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 8

Product Name Cisco ASA 5585-X Firewall Edition SSP-20 IPS SSP-20 bundle includes 8 Gigabit Ethernet interfaces, 2 Gigabit Ethernet management interfaces, 10,000 IPsec VPN peers, 2 SSL VPN peers, 3DES/AES license Cisco ASA 5585-X Firewall Edition SSP-20 IPS SSP-20 bundle includes 8 Gigabit Ethernet interfaces, 2 10 VPN peers, dual AC power, 3DES/AES license Cisco ASA 5585-X Firewall Edition SSP-40 IPS SSP-40 bundle includes 6 Gigabit Ethernet interfaces, 4 10 VPN peers, dual AC power, DES license Cisco ASA 5585-X Firewall Edition SSP-40 IPS SSP-40 bundle includes 6 Gigabit Ethernet interfaces, 4 10 VPN peers, dual AC power, 3DES/AES license Cisco ASA 5585-X Firewall Edition SSP-60 IPS SSP-60 bundle includes 6 Gigabit Ethernet interfaces, 4 10 VPN peers, dual AC power, 3DES/AES license Cisco ASA 5585-X Firewall Edition SSP-60 IPS SSP-60 bundle includes 6 Gigabit Ethernet interfaces, 4 10 VPN peers, dual AC power, 3DES/AES license Part Number ASA5585-S20P20-K9 ASA5585-S20P20XK9 ASA5585-S40P40-K8 ASA5585-S40P40-K9 ASA5585-S60P60-K8 ASA5585-S60P60-K9 Security Services Modules Cisco ASA 5500 Series Advanced Inspection and Prevention Security Services Card 5 (AIP-SSC-5) Cisco ASA 5500 Series Advanced Inspection and Prevention Security Services Module 10 (AIP-SSM-10) Cisco ASA 5500 Series Advanced Inspection and Prevention Security Services Module 20 (AIP-SSM-20) Cisco ASA 5500 Series Advanced Inspection and Prevention Security Services Module 40 (AIP-SSM-40) ASA-SSC-AIP-5-K9= ASA-SSM-AIP-10-K9= ASA-SSM-AIP-20-K9= ASA-SSM-AIP-40-K9= Security Services Processors Cisco ASA 5585-X IPS Security Services Processor 10 s with 8 GE Cisco ASA 5585-X IPS Security Services Processor 20 (SSP-20) with 8 GE Cisco ASA 5585-X IPS Security Services Processor 40 (SSP-40) with 6 GE,4 SFP+ Cisco ASA 5585-X IPS Security Services Processor-60 (SSP-60) with 6 GE,4 SFP+ ASA-SSP-IPS10 ASA-SSP-IPS20 ASA-SSP-IPS40 ASA-SSP-IPS60 Service and Support Cisco offers a wide range of service programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services for security, visit http://www.cisco.com/go/services/security. Cisco Services for IPS Cisco Services for IPS is an integral part of the Cisco ASA 5500 Series IPS and enables operators to receive time-critical signature file updates and alerts. Part of the Cisco Technical Support Services portfolio, Cisco Services for IPS allows your Cisco ASA 5500 Series IPS to stay current on the latest threats so that malicious or damaging traffic is accurately identified, classified, and stopped. Cisco Services for IPS features include: Signature file updates and alerts Registered access to Cisco.com for online tools and technical assistance Access to the Cisco Technical Assistance Center Cisco IPS software updates Advance replacement of failed hardware For more information about Cisco Services for IPS, visit http://www.cisco.com/en/us/products/ps6076/serv_group_home.html. 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 8

Export Considerations The Cisco ASA 5500 Series IPS and Cisco AIP SSMs are subject to export controls. For guidance, refer to the export compliance website at http://www.cisco.com/wwl/export/crypto/. For specific export questions, contact export@cisco.com. Additional Information For more information about the Cisco ASA 5500 Series IPS, visit http://www.cisco.com/go/asaips. For more information about Cisco IPS solutions, visit http://www.cisco.com/go/ips. For more information about Cisco ASA 5500 Series Adaptive Security Appliances, visit http://www.cisco.com/go/asa. For information about Cisco IDS and IPS sensors and software versions that have reached end-of-sale status, visit http://www.cisco.com/en/us/products/hw/vpndevc/ps4077/prod_eol_notices_list.html. For more information about Cisco Security Manager, Cisco Security MARS, and Cisco IPS Manager Express, visit http://www.cisco.com/go/csmanager http://www.cisco.com/go/mars http://www.cisco.com/go/ime Printed in USA C78-459036-05 10/10 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback