Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA is the world’s most widely deployed, enterprise-class stateful firewall. Cisco ASA with FirePOWER Services features these comprehensive capabilities:
- Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
- Granular Application Visibility and Control (AVC) supports more than 3,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
- The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.
- Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
- AMP provides industry-leading breach detection effectiveness, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.
Cisco ASA with FirePOWER Services is centrally managed by the Cisco FireSIGHT Management Center, which provides security teams with comprehensive visibility into and control over activity within the network. Such visibility includes users, devices, communication between virtual machines, vulnerabilities, threats, client-side applications, files, and web sites. Holistic, actionable indications of compromise (IoCs) correlate detailed network and endpoint event information and provide further visibility into malware infections. Cisco’s enterprise-class management tools help administrators reduce complexity with unmatched visibility and control across NGFW deployments. Cisco FireSIGHT Management Center also provides content awareness with malware file trajectory that aids infection scoping and root cause determination to speed time to remediation.
Cisco Security Manager provides scalable and centralized network operations workflow management. It integrates a powerful suite of capabilities; including policy and object management, event management, reporting, and troubleshooting for Cisco ASA firewall functions when utilizing Cisco FireSIGHT Management Center.
For local, on-device management including deployments for small and midsized businesses, Cisco Adaptive Security Device Manager (ASDM) 7.3.x provides, access control and advanced threat defense management. ASDM V 7.3.x provides an enhanced user interface that provides quick views on trends and the ability to drill
down for further analysis.
|Cisco ASA 5506-X w/ FirePOWER Services||Cisco ASA 5508-X w/ FirePOWER Services||Cisco ASA 5512-X w/ FirePOWER Services||Cisco ASA 5515-X w/ FirePOWER Services||Cisco ASA 5516-X w/ FirePOWER Services|
Maximum Throughput: Application Control (AVC)
|250 Mbps||450 Mbps||300 Mbps||500 Mbps||850 Mbps|
Maximum Throughput: Application Control (AVC) and IPS
|125 Mbps||250 Mbps||150 Mbps||250 Mbps||450 Mbps|
|Maximum concurrent sessions||20,000; 50,000 with security Plus||100,000||100,000||250,000||250,000|
|Maximum New Connections per second||5,000||10,000||10,000||15,000||20,000|
|Number of URLs categorized||More than 280 million||More than 280 million||More than 280 million||More than 280 million||More than 280 million|