Block more threats and quickly mitigate those that do breach your defenses with the industry’s first threat-focused NGFW. Our Cisco Firepower NGFW appliances combine our proven network firewall with the industry’s most effective next-gen IPS and advanced malware protection. All so you can get more visibility, be more flexible, save more, and pro...
Block more threats and quickly mitigate those that do breach your defenses with the industry’s first threat-focused NGFW. Our Cisco Firepower NGFW appliances combine our proven network firewall with the industry’s most effective next-gen IPS and advanced malware protection. All so you can get more visibility, be more flexible, save more, and protect better.
Check out the ASA 5500-X series or for smaller networks the ASA 5505.
Cisco ASA 5500 Series Adaptive Security Appliances deliver a robust suite of highly integrated, market-leading security services for small and medium-sized businesses (SMBs), enterprises, and service providers—in addition to providing unprecedented services flexibility, modular scalability, feature extensibility, and lower deployment and operations costs.
Cisco ASA 5500 Series Adaptive Security Appliances are purpose-built solutions that integrate world-class firewall, unified communications security, VPN, intrusion prevention (IPS), and content security services in a unified platform. The series builds upon proven technologies from Cisco PIX® 500 Series Security Appliances, Cisco IPS 4200 Series Sensors, and Cisco VPN 3000 Series Concentrators.
Cisco ASA 5500 Series Adaptive Security Appliances are a key component of the Cisco Self-Defending Network. The Cisco ASA 5500 Series provides intelligent threat defense that stops attacks before they penetrate the network perimeter, controls network and application activity, and delivers secure remote access and site-to-site connectivity. The result is a powerful multifunction network security appliance family that provides security breadth, precision, and depth for protecting business networks of all sizes, while reducing the overall deployment and operations costs associated with implementing comprehensive multilayer security.
For more information please see the Cisco Data Sheet:
The Cisco ASA 5512-X, 5515-X, 5525-X, 5545-X, and 5555-X are next-generation firewalls that combine the most widely deployed stateful inspection firewall in the industry with a comprehensive suite of next-generation network security services - for comprehensive security without compromise. They provide multiple security services and redundant power supplies and enable consistent security enforcement throughout the organization. In addition to comprehensive stateful inspection firewall capabilities, optional features include integrated cloud- and software-based security services - Cisco Application Visibility and Control (AVC), Cisco Web Security Essentials (WSE), Cisco Cloud Web Security (CWS), and IPS. Cisco Next-Generation Firewalls are managed by Cisco Prime Security Manger. These models range in their performance and throughput capabilities not only in the hardware platforms but also in the services and number of users that can be supported on each model. Depending on the customer requirements and performance needs, they can be deployed at small office, Internet edge, and even data center locations.
The ASA 5505 adaptive security appliance supports a built-in switch. There are two kinds of ports and interfaces that you need to configure:
•Physical switch ports—The adaptive security appliance has eight Fast Ethernet switch ports that forward traffic at Layer 2, using the switching function in hardware. Two of these ports are PoE ports. See the "Power Over Ethernet" section for more information. You can connect these interfaces directly to user equipment such as PCs, IP phones, or a DSL modem. Or you can connect to another switch.
•Logical VLAN interfaces—In routed mode, these interfaces forward traffic between VLAN networks at Layer 3, using the configured security policy to apply firewall and VPN services. In transparent mode, these interfaces forward traffic between the VLANs on the same network at Layer 2, using the configured security policy to apply firewall services. See the "Maximum Active VLAN Interfaces for Your License" section for more information about the maximum VLAN interfaces. VLAN interfaces let you divide your equipment into separate VLANs, for example, home, business, and Internet VLANs.
To segregate the switch ports into separate VLANs, you assign each switch port to a VLAN interface. Switch ports on the same VLAN can communicate with each other using hardware switching. But when a switch port on VLAN 1 wants to communicate with a switch port on VLAN 2, then the adaptive security appliance applies the security policy to the traffic and routes or bridges between the two VLANs.