To meet
specific needs of small offices and branch offices, Cisco ASA 5500 and ASA
5500-X series next-generation firewalls can do as follows:
- Up to 1.2 Gbps of firewall throughput, 15,000 connections per second, and 250,000 concurrent sessions
- Supports up to 200 VLANs for improved network segmentation and security
- Supports up to 100 security contexts for multilevel control of security policies
- Capable of running multiple simultaneous network security services without sacrificing performance
Whether you
are a small business with a single location, a midsize business, or a large
enterprise with multiple branch offices, Cisco ASA 5500 and ASA 5500-X Series
are the very right choice when you need one for your network. Some clients
raised a question like this: “Next generation ASA 5512-X, 5515-X doesn’t
require IPS module. Is that true?” “Can it block HTTPS web sites? Can it block
HotSpot Shield or Ultra Surf?”
Well, you
will get detailed answers and information of ASA 5505, ASA 5510, ASA 5512-X and
ASA 5515-X in the following Cisco ASA model comparison. It is true that neither
ASA 5512-X nor 5515-X require additional hardware for IPS module, it is already
embedded.
Cisco ASA
Model Comparison: ASA 5505 vs. ASA 5510 vs. ASA 5512-X vs. ASA 5515-X
asa 5505 vs.
asa 5510 vs. asa 5512-x vs. asa 5515-x02
More Notes:
- Maximum throughput with UDP traffic measured under ideal test conditions
- Multiprotocol = Traffic profile consisting primarily of TCP-based protocols/applications like HTTP, SMTP, FTP, IMAPv4, BitTorrent, and DNS
- Throughput was measured using ASA CX Software Release 9.1.1 with multi-protocol traffic profile with both Application Visibility Control (AVC) and Web Security Essentials (WSE). Traffic logging was enabled as well.
- Firewall traffic that does not go through IPS service can have higher throughput.
- VPN throughput and sessions count depend on the ASA device configuration and VPN traffic patterns. These elements should be taken into consideration as part of your capacity planning. Maximum throughput numbers are based on IPsec IKEv1 Remote Access VPN Connectivity.
- 2 AnyConnect Premium User Licenses are included by default.
- A/A = Active/Active; A/S = Active/Standby.
* Requires security plus license
Cisco ASA
Next-Generation Firewall provides services such as Application Visibility and
Control (AVC) Services to control specific behaviors within allowed micro applications,
Web Security Essentials (WSE) Services to restrict web and web application
usage based on reputation of the site and Intrusion Prevention (IPS) to provide
critical threat protection from internet edge related attacks on your personal
use computing systems. Through Cisco Security Intelligence Operations (SIO),
these services provide web reputation that protects against zero-day threats.
With these
Cisco ASA firewalls, you can integrate multiple enterprise-classes,
next-generation network security services without sacrificing performance.
Cisco ASA combines the most deployed stateful inspection firewall in the
industry with next-generation firewall capabilities.
More Related
Cisco ASA 5500 Series
Cisco
ASA5510 Vs ASA5512-X or Cisco 5515-X
Cisco ASA
5520 Basic Configuration Guide
Migrating
from Cisco ASA 5500 Series to ASA 5500-X Series
Cisco ASA
Failover, Failover Modes & ASA Failover Configuration
Using the
Cisco 5500 Series Controller USB Console Port