Cisco ASA
Encyclopedia
In computer networking, Cisco ASA 5500 Series Adaptive Security Appliances, or simply Cisco ASA 5500 Series, is Cisco
's line of network security
devices introduced in 2005, that succeeded three existing lines of popular Cisco products:
. The ASA series of devices run PIX code 7.0 and later. Through PIX OS release 7.x the PIX and the ASA use the same software images. Examples of emulators include PEMU and Dynagen http://www.dynagen.org, and with NetworkSims (Networksims) for a simulator.
Cisco
Cisco may refer to:Companies:*Cisco Systems, a computer networking company* Certis CISCO, corporatised entity of the former Commercial and Industrial Security Corporation in Singapore...
's line of network security
Network security
In the field of networking, the area of network security consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources...
devices introduced in 2005, that succeeded three existing lines of popular Cisco products:
- Cisco PIXCisco PIXCisco PIX is a popular IP firewall and network address translation appliance. It was one of the first products in this market segment....
, which provided firewall and network address translationNetwork address translationIn computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
(NAT) functions. - Cisco IPS 4200 Series, which worked as intrusion prevention systems (IPS).
- Cisco VPN 3000 Series Concentrators, which provided virtual private networkVirtual private networkA virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
ing (VPN).
Specifications of past and present models
Like the Cisco PIX firewalls, the ASAs are based on Intel x86 architectureX86 architecture
The term x86 refers to a family of instruction set architectures based on the Intel 8086 CPU. The 8086 was launched in 1978 as a fully 16-bit extension of Intel's 8-bit based 8080 microprocessor and also introduced segmentation to overcome the 16-bit addressing barrier of such designs...
. The ASA series of devices run PIX code 7.0 and later. Through PIX OS release 7.x the PIX and the ASA use the same software images. Examples of emulators include PEMU and Dynagen http://www.dynagen.org, and with NetworkSims (Networksims) for a simulator.
| Model | 5505 | 5510 | 5520 | 5540 | 5550 | 5580-20 | 5580-40 | 5585-X-SSP20 | 5585-X-SSP60 |
|---|---|---|---|---|---|---|---|---|---|
| Introduced | 2006 | 2005 | 2005 | 2005 | 2006 | 2008 | 2008 | 2010 | 2010 |
| CPU Type | AMD Geode LX | Intel Celeron | IntelPentium 4 Pentium 4 Pentium 4 was a line of single-core desktop and laptop central processing units , introduced by Intel on November 20, 2000 and shipped through August 8, 2008. They had a 7th-generation x86 microarchitecture, called NetBurst, which was the company's first all-new design since the introduction of the... Celeron Celeron Celeron is a brand name given by Intel Corp. to a number of different x86 computer microprocessor models targeted at budget personal computers.... |
Intel Pentium 4 | Intel Pentium 4 | AMD Opteron (2 CPU, 4 cores) | AMD Opteron (4 CPU, 8 cores) | Intel (16 cores) | Intel (24 cores) |
| CPU Speed | 500 MHz | 1.6 GHz | 2.0 GHz | 2.0 GHz | 3.0 GHz | 2.6 GHz | 2.6 GHz | 2.4 GHz | |
| Chipset | Geode CS5536 | Intel 875PCanterwood | |||||||
| Default RAM | 512MB | 1GB | 2GB | 2GB | 4GB | 8GB | 12GB | 12GB | 24GB |
| Boot Flash Device | ATA CompactFlash | ATA CompactFlash | ATA CompactFlash | ATA CompactFlash | ATA CompactFlash | ATA CompactFlash | ATA CompactFlash | ATA CompactFlash | ATA CompactFlash |
| Default Flash | 128MB | 256MB | 256MB | 256MB | 256MB | 1GB | 1GB | 2GB | 2GB |
| Min OS Version | 7.2.1 | 7.0.1 | 7.0.1 | 7.0.1 | 7.1.1 | 8.1.1 | 8.1.1 | ||
| Max Virtual Interfaces | 3 (trunking disabled) or 20 (trunking enabled) with Sec Plus License | 50 or 100 with Sec Plus License | 150 | 200 | 250 | 250 | 250 | ||
| Network chipset(s) | Marvell 88E6095 | ||||||||
| Expansion Modules Supported | AIP-SSC | CSC-SSM, AIP-SSM, 4GE-SSM | CSC-SSM, AIP-SSM, 4GE-SSM | CSC-SSM, AIP-SSM, 4GE-SSM | No | 6 Interface Cards | 6 Interface Cards | IPS-SSP SSP-20 | IPS-SSP SSP-60 |
| Supports SSL VPN | Yes - 2 included, Max 25 | Yes - 2 included, Max 250 | Yes - 2 included, Max 750 | Yes - 2 included, Max 2500 | Yes - 2 included, Max 5000 | Yes - 2 included, Max 10000 | Yes - 2 included, Max 10000 | Yes - 2 included, Max 10000 | Yes - 2 included, Max 10000 |
| Failover Supported | Stateless Active/Standby (with Sec Plus License) | Active/Standby, Active/Active (with Sec Plus License) | Active/Standby, Active/Active | Active/Standby, Active/Active | Active/Standby, Active/Active | Active/Standby, Active/Active | Active/Standby, Active/Active | Active/Standby, Active/Active | Active/Standby, Active/Active |
| Model | 5505 | 5510 | 5520 | 5540 | 5550 | 5580-20 | 5580-40 | 5585-X-SSP20 | 5585-X-SSP60 |
Performance specifications
| Model | 5505 | 5510 | 5520 | 5540 | 5550 | 5580-20 | 5580-40 | 5585-X SSP10 | 5585-X SSP20 | 5585-X SSP40 | 5585-X SSP60 |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Cleartext throughput Throughput In communication networks, such as Ethernet or packet radio, throughput or network throughput is the average rate of successful message delivery over a communication channel. This data may be delivered over a physical or logical link, or pass through a certain network node... , Mbit/s |
150 | 300 | 450 | 650 | 1,200 | 5,000 | 10,000 | 3,000 | 7,000 | 12,000 | 20,000 |
| AES Advanced Encryption Standard Advanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES... /Triple DES Triple DES In cryptography, Triple DES is the common name for the Triple Data Encryption Algorithm block cipher, which applies the Data Encryption Standard cipher algorithm three times to each data block.... throughput, Mbit/s |
100 | 170 | 225 | 325 | 425 | 1,000 | 1,000 | 1,000 | 2,000 | 3,000 | 5,000 |
| Max simultaneous connections | 10,000 (25,000 with Sec Plus License) | 50,000 (130,000 with Sec Plus License) | 280,000 | 400,000 | 650,000 | 1,000,000 | 2,000,000 | 1,000,000 | 2,000,000 | 4,000,000 | 10,000,000 |
| Max site-to-site and remote access VPN sessions | 10 (25 with Sec Plus License) | 250 | 750 | 5,000 | 5,000 | 10,000 | 10,000 | 5,000 | 10,000 | 10,000 | 10,000 |
| Max number of SSL VPN user sessions | 25 | 250 | 750 | 2,500 | 5,000 | 10,000 | 10,000 | 5,000 | 10,000 | 10,000 | 10,000 |
| Model | 5505 | 5510 | 5520 | 5540 | 5550 | 5580-20 | 5580-40 | 5585-X SSP10 | 5585-X SSP20 | 5585-X SSP40 | 5585-X SSP60 |