
Cisco ASA 5500 Series: Don't Be Afraid of It
Tomáš Chott at Cisco
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential


1 Cisco ASA 5500 Series: Don't Be Afraid of It
Tomáš Chott at Cisco, tomas.chott@lsg-global.com

2 Agenda
- Cisco ASA 5500 Series Software Feature Overview
- Cisco ASA 5500 Series Platforms and Modules
- Cisco ASDM 6.0
- Teleworker Deployment Model
- Demo Scenario
- Configuration tasks

3 Cisco ASA 5500 Series: Breadth and Depth
Industry First Scalable, Multi-Function, Feature Rich Appliance
- Multi-layer packet and traffic analysis
- Advanced application and protocol inspection services
- Network application controls
- Advanced VoIP/multimedia security
- Flexible user and network based access control services
- Stateful packet inspection
- Integration with popular authentication sources including Microsoft Active Directory, LDAP, Kerberos, and RSA SecurID
- Real-time protection from application and OS level attacks
- Network-based worm and virus mitigation
- Spyware, adware, malware detection and control
- On-box event correlation and proactive response
- Low latency
- Diverse topologies
- Multicast support
- Services virtualization
- Network segmentation & partitioning
- Routing, resiliency, load-balancing
- Threat protected SSL and IPSec VPN services
- Zero-touch, automatically updateable IPSec remote access
- Flexible clientless and full tunneling client SSL VPN services
- QoS/routing-enabled site-to-site VPN
Panel labels: Firewall with Application Layer Security; Access Control and Authentication; IPS and Anti-X Defenses; Cisco Intelligent Networking Services; SSL and IPSec Connectivity

4 Cisco ASA 5500 Series Product Lineup
Solutions Ranging from SMB to Large Enterprise
Models shown: Cisco ASA 5520, Cisco ASA 5540, Cisco ASA 5550, Cisco ASA 5510, Cisco ASA 5505
Target Market: SMB and SME; Enterprise; Medium Enterprise; Large Enterprise; Teleworker / Branch Office / SMB
Performance (rows: Max Firewall; Max Firewall + IPS; Max IPSec VPN; Max IPSec/SSL VPN Peers), values by column as they appear on the slide:
- 300 Mbps; 170 Mbps; 250/250
- 450 Mbps; 375 Mbps; 225 Mbps; 750/750
- 650 Mbps; 450 Mbps; 325 Mbps; 5000/2500
- 1.2 Gbps; N/A; 425 Mbps; 5000/5000
- 150 Mbps; Future; 100 Mbps; 25/25
Platform Capabilities (rows: Max Firewall Conns; Max Conns/Second; Packets/Second (64 byte); Base I/O; VLANs Supported; HA Supported), values by column as they appear on the slide:
- 50,000/130,000; 6,000; 190,000; 5 FE; 50/100; A/A and A/S (Sec Plus)
- 280,000; 9,000; 320,000; 4 GE + 1 FE; 150; A/A and A/S
- 400,000; 20,000; 500,000; 4 GE + 1 FE; 200; A/A and A/S
- 650,000; 28,000; 600,000; 8 GE + 1 FE; 250; A/A and A/S
- 10,000/25,000; 3,000; 85,000; 8-port FE switch; 3/20 (trunk); Stateless A/S (Sec Plus)

5 Wide-Range of Cisco ASA 5500 Series Security Service Modules (SSMs)
IPS Security Services Module (AIP SSM)
- Provides full-featured IPS and IDS services for protection of critical network assets
- Available in two models: SSM-10 and SSM-20
- Delivers up to 450 Mbps of IPS throughput
- Has thumbscrews for easy insertion/removal
- 10/100/1000 out-of-band management port
- Supported on ASA 5510, 5520, and 5540
Anti-X Security Services Module (CSC SSM)
- Provides full-featured Anti-X services (anti-virus, anti-spyware, anti-spam, anti-phishing, URL filtering, and more)
- Available in two models: SSM-10 and SSM-20
- Anti-virus and anti-spyware services licensed by number of users, others optional add-on
- Supported on ASA 5510, 5520, and 5540
4-Port GE Services Module (4GE SSM)
- I/O module offers four copper 10/100/1000 ports in addition to four SFP ports for improved flexibility and network segmentation
- Customers can use up to four ports total out of these eight ports, with the ability to mix and match copper and optical GE ports
- Supported on ASA 5510, 5520, and 5540

6 Cisco Adaptive Security Device Manager v6.0
Introduces a Wealth of New Features and Usability Enhancements
- Fresh new interface provides easy access to all services offered by ASA
- Security Dashboards
- Packet Tracer
- Packet Capture
- Provides live ACL hitcount in firewall rule table for easy policy auditing
- Real-Time Syslog Viewer
- Syslog to ACL correlation features
- New Wizards

7 Typical customer requirements
- Address translation (NAT)
- Traffic control at L2-L7
- Support for dynamic applications
- Branch office connectivity
- Remote Access VPN
- Web VPN (SSL VPN)
- Protection against threats from the Internet

8 Teleworker Deployment Model
Easy to Install Modern Networking Services
Diagram labels: Home VLAN, Internet VLAN, Business VLAN
- Secure access to both Home and Internet VLANs
- Power Over Ethernet for IP Phones and WiFi Access Points
- Secure access for a wide range of applications through the Internet VLAN
- DHCP Server Services
- DHCP and Dynamic DNS services
- PPPoE support
- Backup ISP support (Security Plus)

9 First steps with the ASA
- # show version
- # show run
- # show flash
- # configure terminal
- (config)# configure factory-default
- # write memory / write erase
- # reload

10 Configuration tasks
- Allowing only authorized access
- SSH access
- Logging
- DHCP
- Permitting traffic using ACLs
- NAT
- Traffic inspection
- AAA rules
- Protection against attacks
- Monitoring ...

11 Demo scenario (network diagram)
- VLANs: VLAN 10 – INSIDE, VLAN 20 – OUTSIDE, VLAN 30 – DMZ
- Interfaces: Inside E0/1, DMZ E0/7, Outside E0/0
- Diagram labels: Internet, HTTP server, 10.0.0.1, 172.16.1.1, 10.0.0.0/24, 172.16.1.10, DHCP, Syslog server, HTTP server
- Policy labels: Allow HTTP; Allow HTTP, ICMP; Allow everything, inspection of HTTP, FTP

12 External demos
- SSL VPN demo: https://vpndemo-external.cisco.com
- ASDM demo: http://www.cisco.com/go/asdm

13 Q and A
