Asa

ASA&
5585&
2010 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
ASA
ASA
ASA5585
ASA
ASA
Cisco Confidential

ASAUTM
ASA5550ASA5540ASA5520ASA5510ASA5505
VPNIPSAnti-X
ASA
ASA5580,ASA5585
IPS
ASA-----
Cisco PIX
P2P
Anti-X
Anti-X
Trend Micro AV
VPN
IPSec SSL VPN
VPN
Cisco VPN 3000
Cisco ASA 5500
QoS
Cisco ASA
ASA 5585-S60P60
(40 Gbps,
350K conn/s)
ASA 5585-S40P40
ASA 5585-S20P20
(20 Gbps,
200K conn/s)
(10 Gbps,
125K conn/s)
ASA 5585 -S10P10
ASA 5580-40
(10-20 Gbps,
(4 Gbps,
50K conn/s)
ASA 5550
ASA 5540 (1.2 Gbps,
ASA 5520
ASA 5510
(300 Mbps,
(Firewall, ASA 5505 9K conn/s)
IPS, VPN) (150 Mbps,
(450 Mbps,
12K conn/s)
(650 Mbps, 36K conn/s)

25K conn/s)
150K conn/s)
ASA 5580-20
(5-10 Gbps,
90K conn/s)
4K conn/s)
Firewall
and VPN
Branch
Office
2010 Cisco Systems, Inc. All rights
reserved.
Teleworker
Internet
Edge
Campus
Data Center
Cisco Confidential

syslog
Netflow
NAT
VPNIpsec&SSL
Ipsec & SSL VPN
SSL VPN
SSL
IPSec VPN
SSL VPN
IPSec VPN
SSL VPN/
SSL VPN

/
BTFSensorBase
ASASensorBase

MPFBTF
DNS Snooping
SensorBase
DNS SnoopingDNS
BTFSensorBase
10
27
IPS
IPS

11

ASA
SYSTEM CONTEXT
20
20
12

SIO:
Web
IPS
Botnet
Web
13
Netflow
Netflow
14
Cisco Confidential
15

pps
16

IMIXHTTP

25
Throughput in Gbps
20
15
10
64
256
512
1518
5
0
17
pps

6464

10G641Gor2G
1.6Mpps1G
PPS in Millions
12
10
8
6
4
2
0
64
512
1518
9216
18
WEB2.0//P2P

4G1M,100
40
19

WEB2.0//P2P
CPU
CPU
20

ACL
VPN
VPN
21
2
2
22
Internet
NAT
/
PPS
23
Web Tier
Application Tier
Database Tier
24
ASA
25
ASA---
Internet Internet
We need to

deploy SSL VPN
ASA
ASA
ASA
ASA:
:
(/
/VPN)

1.
2.
3.
(Firewall)
/(IDS/IPS)
4.
Site-to-Site VPN
5.
IPSEC VPN
VPN
6.
SSL VPN
Content Filtering
IPVPN
ASA

(.Firewall, VPN, IPS)

7.
8.
9.
ASA

VPN
;
;
/;
IP;
Cisco Confidential
10.
VPN
(IPSECSSL
NAT
IPS
/VPN
ASA5500
,
.
ASA5500
26
ASA---
: .
J:
: ASA
IPS,VPN
/ .
/,
.xxx
:
: ASA
,.
10,10
,,
/,
Roadmap
:
,.
:
(IPS, Firewall, VPN ),
ASA
ASA , IPS,
ASA
(ASDM),
Selim Nart, Network Architect, Vignette Corporation
ASA,
.
Garth Brown, President, Semaphore, Managed Network
Services
,
ASA
,.
,VPNIPS
,! .
Andre Gold, Director Information Security, Continental Airlines
Juniper:
: SSL VPN
.ASA
Juniper SSG/ISG/NS.
: IOS ,
:
,,
,.
:
ASA:http//www.cisco.com/go/asa
Team Folder:Bej-filer01b\wg-\security_solutions
Email alias:prc-security-sevt@cisco.com
Cisco Confidential
27
ASA
28
ASA 5500
Soho
New
New
ASA 5585 SSP-60

(35 Gbps, 350K cps)
New ASA 5585 SSP-40

(20 Gbps,200K cps)
New
ASA 5585 SSP-20
(10 Gbps,125K cps)
ASA 5585 SSP-10
ASA 5540
(4 Gbps,50K cps)
(650 Mbps,25K cps)
ASA 5520
(450 Mbps,12K cps)
ASA 5580-40
ASA 5510
(300 Mbps, 9K cps)
(20 Gbps, 150K cps)
ASA 5505
ASA 5580-20
(150 Mbps, 4K cps)
(10 Gbps, 90K cps)
ASA 5550
(1.2 Gbps, 36K cps)
SOHO
29
ASA5585
30
2U----ASA5585
31
ASA5585-10
(CPL)
Cisco ASA 5585-X SSP-10 (8, 2SFP,

2()5000IPsec VPN2SSL VPN
2Phone ProxyDES
ASA5585-S10-K8
89985.00
Cisco ASA 5585-X SSP-10 (8, 2SFP,

2Phone ProxyDES/3DES
ASA5585-S10-K9
89985.00
Cisco ASA 5585-X SSP-10 (8, 2

SFP+
2()5000IPsec VPN2SSL VPN2
Phone Proxy2DES/3DES
ASA5585-S10X-K9
119985.00
ASA5585-10
8
2/SFP
2()
(Mbps)
()
()
(64)
VLAN
()
()
VPN
2Gbps()
4Gbps ()
1000000
50000
1,500,000
1024
100
1000
(3DES/AES
Mbps)
VPN
SSL VPN
IPS
(Mbps)
10000
10000
2000
(Site to Site/)
32
ASA5585-20
(CPL)
ASA5585-S20-K8
179,985.00
ASA5585-S20-K9
Cisco ASA 5585-X SSP-20 (82SFP
179,985.00
Cisco ASA 5585-X SSP-20 (82SFP

2Phone ProxyDES
Cisco ASA 5585-X SSP-20 (82

SFP+ 2()10000IPsec VPN2SSL VPN
2Phone Proxy2DES/3DES
ASA5585-S20X-K9
279,980.00
ASA5585-20
8
2/SFP
2()
(Mbps)
()
()
(64)
VLAN
()
()
VPN
5Gbps()
10Gbps ()
2000000
125000
3,000,000
1024
250
2000
(3DES/AES
Mbps)
VPN
SSL VPN
IPS
(Mbps)
10000
10000
3000
(Site to Site/)
33
ASA5585-40
(CPL)
ASA5585-S40-K8
41985.00
ASA5585-S40-K9
Cisco ASA 5585-X SSP-40 (64SFP+
41985.00
Cisco ASA 5585-X SSP-40 (6, 4SFP+

, 2()10000IPsec VPN2SSL VPN
2Phone Proxy23DES/DES
425985.00
Cisco ASA 5585-X SSP-40 (64SFP+

2Phone ProxyDES
ASA5585-S40-2AK9
ASA5585-40
6
4/SFP
2()
(Mbps)
()
()
(64)
VLAN
()
()
VPN
10Gbps()
20Gbps ()
4000000
200000
5,000,000
1024
250
3000
(3DES/AES
Mbps)
VPN
SSL VPN
IPS
(Mbps)
10000
10000
5000
(Site to Site/)
34
ASA5585-60
(CPL)

2Phone Proxy2DES
ASA5585-S60-2AK8
674,985.00

2Phone Proxy23DES/DES
ASA5585-S60-2AK9
674,985.00
ASA5585-60
6
4/SFP
2()
(Mbps)
()
()
(64)
VLAN
()
()
VPN
20Gbps()
35Gbps ()
8000000
350000
9,000,000
1024
250
5000
(3DES/AES
Mbps)
VPN
SSL VPN
IPS
(Mbps)
10000
10000
10000
(Site to Site/)
35
ASA
36

------
------/IPSEC&SSL VPN
------ASA558510GbpsIPS
------
------Netflow/
------()
37
------
VM
VM
VM
VM
VM
VM
VM
VM
VM
VM
VM
VM
Web
Application
Web
A
Equivalent
Risk
Levels
ASA
Virtualized per Risk Level
VM
VM
VM
Web
VM
VM
Web
Virtualized per Service
VM

38
------/IPSEC&SSL VPN
ASAIPSEC/SSL VPN
ASAIPhoneIPAD);
ASA VPN
ASA IPVPN
39
------ASA558510GbpsIPS
IPS SSP-10
IPS SSP-20
IPS SSP-40
IPS SSP-60
Yes
Yes
Yes
(Dual CPU)
Yes
(Dual CPU)
Maximum Memory
6 GB
12 GB
24 GB
48 GB
Maximum Storage
2 GB eUSB
2 GB eUSB
2 GB eUSB
2 GB eUSB
Ports
2 x SFP+
8 x 1GbE Cu
2 x 1GbE Cu
Mgmt
2 x SFP+
8 x 1GbE Cu
2 x 1GbE Cu
Mgmt
4 x SFP+
6 x 1GbE Cu
2 x 1GbE Cu
Mgmt
4 x SFP+
6 x 1GbE Cu
2 x 1GbE Cu
Mgmt
2 Gbps
3 Gbps
Processor
Concurrent Firewall and

IPS Throughput
5 Gbps
10 Gbps
40
------
ASA BTF+ IPS Global Correlation
IPSSSL VPN
41
------Netflow/

42
------
43
44

Asa

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Asa

Загружено:

Авторское право:

Доступные форматы

ASA&

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

Cisco ASA 5500

2010 Cisco Systems, Inc. All rights reserved.

ASA 5585 -S10P10

(650 Mbps, 36K conn/s)

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

Ipsec & SSL VPN

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

deploy SSL VPN

2008 Cisco Systems, Inc. All rights reserved.

2008 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

ASA 5585 SSP-60

New ASA 5585 SSP-40

ASA 5585 SSP-10

(650 Mbps,25K cps)

(20 Gbps, 150K cps)

(150 Mbps, 4K cps)

(10 Gbps, 90K cps)

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

Cisco ASA 5585-X SSP-10 (8, 2SFP,

Cisco ASA 5585-X SSP-10 (8, 2SFP,

Cisco ASA 5585-X SSP-10 (8, 2

2010 Cisco Systems, Inc. All rights reserved.

Cisco ASA 5585-X SSP-20 (82SFP

2()10000IPsec VPN2SSL VPN

Cisco ASA 5585-X SSP-20 (82

2010 Cisco Systems, Inc. All rights reserved.

Cisco ASA 5585-X SSP-40 (6, 4SFP+

Cisco ASA 5585-X SSP-40 (64SFP+

2()10000IPsec VPN2SSL VPN

2010 Cisco Systems, Inc. All rights reserved.

Cisco ASA 5585-X SSP-60 (6, 4SFP+

2()10000IPsec VPN2SSL VPN

Cisco ASA 5585-X SSP-60 (6, 4SFP+

2()10000IPsec VPN2SSL VPN

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

2010 Cisco Systems, Inc. All rights reserved.

Virtualized per Risk Level

Virtualized per Service

2010 Cisco Systems, Inc. All rights reserved.

Concurrent Firewall and