Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release



Similar documents
Implementing Core Cisco ASA Security (SASAC)

Managing Enterprise Security with Cisco Security Manager

SSECMGT: CManaging Enterprise Security with Cisco Security Manager v4.x

Implementing Cisco IOS Network Security

IINS Implementing Cisco Network Security 3.0 (IINS)

Scenario: Remote-Access VPN Configuration

Managing Enterprise Security with Cisco Security Manager

Cisco Certified Security Professional (CCSP)

Workspot Configuration Guide for the Cisco Adaptive Security Appliance

Evaluating the Cisco ASA Adaptive Security Appliance VPN Subsystem Architecture

Implementing Cisco IOS Network Security v2.0 (IINS)

Securing Networks with PIX and ASA

Cisco AnyConnect Secure Mobility Solution Guide

Scenario: IPsec Remote-Access VPN Configuration

Cisco ASA. Administrators

Deploying Cisco ASA VPN Solutions

Cisco ASA 5500-X Series ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X

Cisco ASA. Implementation Guide. (Version 5.4) Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.

VPN_2: Deploying Cisco ASA VPN Solutions

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief

LifeSize Transit Deployment Guide June 2011

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0

Configuring the Transparent or Routed Firewall

Chapter 1 The Principles of Auditing 1

Cisco ASA, PIX, and FWSM Firewall Handbook

Deploying Cisco ASA VPN Solutions Exam.

DIGIPASS Authentication for Cisco ASA 5500 Series

How To - Implement Clientless Single Sign On Authentication with Active Directory

INTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505

Security Considerations for DirectAccess Deployments. Whitepaper

How To Set Up A Cisco Safesa Firewall And Security System

"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

Licenses are not interchangeable between the ISRs and NGX Series ISRs.

Connecting an Android to a FortiGate with SSL VPN

ESET SECURE AUTHENTICATION. Cisco ASA SSL VPN Integration Guide

(d-5273) CCIE Security v3.0 Written Exam Topics

Securing Networks with Cisco Routers and Switches ( )

CCNA Security. IINS v2.0 Implementing Cisco IOS Network Security ( )

Security. TestOut Modules

Cisco Certified Network Expert (CCNE)

District of Columbia Courts Attachment 1 Video Conference Bridge Infrastructure Equipment Performance Specification

To participate in the hands-on labs in this class, you need to bring a laptop computer with the following:

Professional Integrated SSL-VPN Appliance for Small and Medium-sized businesses

External Authentication with Cisco ASA Authenticating Users Using SecurAccess Server by SecurEnvoy

This topic discusses Cisco Easy VPN, its two components, and its modes of operation. Cisco VPN Client > 3.x

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

Cisco ASA 5500 Series Unified Communications Deployments

Strong Authentication for Cisco ASA 5500 Series

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

Cisco ASA Authentication QUICKStart Guide

Cisco Virtual Office Express

Application Note. Onsight Connect Network Requirements v6.3

Remote Desktop Gateway. Accessing a Campus Managed Device (Windows Only) from home.

What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4

What is the Barracuda SSL VPN Server Agent?

NEFSIS DEDICATED SERVER

RSA SecurID Ready Implementation Guide

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Configuring Global Protect SSL VPN with a user-defined port

SSL VPN Technology White Paper

Cisco RSA Announcement Update

Configuring IPsec VPN with a FortiGate and a Cisco ASA

How To Configure SSL VPN in Cyberoam

For Sales Kathy Hall

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

Integration Guide. SafeNet Authentication Service. Using RADIUS Protocol for Cisco ASA

Foreword Introduction Product Overview Introduction to Network Security Firewall Technologies Network Firewalls Packet-Filtering Techniques

Configure ISE Version 1.4 Posture with Microsoft WSUS

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

ReadyNAS Remote White Paper. NETGEAR May 2010

TABLE OF CONTENTS NETWORK SECURITY 2...1

Accessing the Media General SSL VPN

Securing Networks with Cisco Routers and Switches 1.0 (SECURE)

AnyConnect VPN Client FAQ

Copyright

Cisco Adaptive Security Appliances and Citrix NetScaler Gateway citrix.com

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services

Sophos UTM. Remote Access via PPTP. Configuring UTM and Client

CCIE Security Written Exam ( ) version 4.0

Securing Cisco Network Devices (SND)

Setting Up Scan to SMB on TaskALFA series MFP s.

ASA 8.x: VPN Access with the AnyConnect VPN Client Using Self Signed Certificate Configuration Example

Clientless SSL VPN Users

SSL SSL VPN

CNS Implementing NetScaler 11.0 For App and Desktop Solutions

Step-by-Step Configuration

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

EXAM Recertification for MCSE: Server Infrastructure. Buy Full Product.

Personal Telepresence. Place the VidyoPortal/VidyoRouter on a public Static IP address

CTS2134 Introduction to Networking. Module Network Security

Network Configuration Settings

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

Government of Canada Managed Security Service (GCMSS) Annex A-1: Statement of Work - Firewall

Integration Guide. SafeNet Authentication Service. Using RADIUS and LDAP Protocols for Cisco Secure ACS

REQUEST FOR PROPOSAL FOR SUPPLY & INSTALLATION OF Firewall. Bill of Material

Technical White Paper

Transcription:

Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release PB526545 Cisco ASA Software Release 8.2 offers a wealth of features that help organizations protect their networks against new threats securely connect, communicate, and conduct business; and flexibly extend security to various deployments. This release is supported across the entire Cisco ASA 5500 Series, from the ASA 5505 to ASA 5580. New Features Firewall features: Botnet Traffic Filter: The proliferation of spyware, malware, and botnets, as well as user participation in Web 2.0 applications such as Facebook and MySpace, are increasing the demand for multiple levels of endpoint protection. The Cisco ASA Botnet Traffic Filter complements existing content security solutions by monitoring network ports for rogue activity and by detecting infected internal endpoints and bots sending command and control traffic back to a host on the Internet. The command and control domains and hosts associated with botnets and malware distribution are accurately and reliably identified using a dynamic database managed by the Cisco Security Intelligence Operations center. An annual license enables the Botnet Traffic Filter functionality and updates to the database. Multicast group Network Address Translation (NAT): Multicast applications include distance learning, telemedicine, and financial applications. The multicast group NAT feature enables the separation of internal multicast streams from external multicast streams for added security. H.239 support: The Cisco ASA H.323 inspection engine now supports H.239, which defines rules and messages to establish an additional channel that can be used to show video. This feature enables Cisco ASA appliances to inspect H.329 signaling from video endpoints. Unified Communications Proxy on the Cisco ASA 5580: This feature extends Cisco ASA Unified Communications Proxy features Phone Proxy, Mobility Proxy, Presence Federation Proxy, and Transport Layer Security (TLS) Proxy to the Cisco ASA 5580. This increases the maximum capacity of the Unified Communications Proxy solution to 10,000 sessions for TLS Proxy, Mobility Proxy, and Presence Federation Proxy, and to 5000 sessions for Phone Proxy. ASA Phone Proxy media termination address for multiple interfaces The Phone Proxy requires a media termination address to terminate media from remote phones. For customers with security policies that prevent external routes on the internal network, this feature delivers the ability to configure the media termination address for multiple interfaces, eliminating the need to deploy a NAT device between the internal network and the Phone Proxy. 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 2

Transparent firewall mode support for IPv6 addressing: Cisco ASA Software Release 8.2 flexibly extends the support of IPv6 addressing in transparent firewall mode to enable quick ASA deployments into existing IPv6 networks without requiring IP readdressing. 250 VLANs on the Cisco ASA 5580: The number of virtual interfaces available on the Cisco ASA 5580 has increased from 50 to 250. TCP state bypass: With Cisco ASA Software Release 8.2, business can selectively disable firewall TCP inspection on ASA appliances. This is useful for allowing certain traffic to flow through in asymmetric routing scenarios when two ASA appliances are in different locations that are not adjacent to Layer 2. IPv6 support for AIP SSM modules: The Cisco ASA now supports IPv6 capabilities on the Cisco ASA AIP SSM modules. Customers can send IPv6 packets from the ASA to the AIP SSM modules for both IPv6 and IPv4 IPS inspection. Minimum IPS software required is Cisco IPS software version 6.2. Remote-access VPN features: Cisco AnyConnect Essentials: This feature offers basic AnyConnect tunneling support for customers who require VPN remote access but do not need Cisco Secure Desktop features or clientless SSL VPN capabilities. AnyConnect Essentials supports mobile connectivity options with the AnyConnect Mobile license. Upgrade to the full-featured AnyConnect Premium license (traditional AnyConnect) is available by applying a traditional AnyConnect license or shared license to the ASA appliance. Shared license support for SSL VPN: The shared license server device (holding the shared license) and participant devices must be able to communicate with one another on an internal network either directly or through a VPN connection. Each participating device must have a license that enables the shared licensing capability. Shared licenses support the full AnyConnect feature set, including Cisco Secure Desktop and clientless SSL VPN. Cisco AnyConnect Mobile: AnyConnect Mobile provides Windows Mobile 5.0, 6.0, and 6.1 full client support for touch-screen Windows Mobile devices. AnyConnect Mobile is compatible with AnyConnect Essentials and Premium (traditional AnyConnect) licenses, as well as with shared licenses. Pre-fill username from certificate: This security feature facilitates user login by pre-filling the username in username/password authentication from a field of the user s certificate. Double authentication: This feature enables the validation of two separate sets of credentials at login. For example, one-time password (OTP) can be used as the primary authentication and an Active Directory domain credential can be used for the secondary authentication method. Per-group certificate authentication enable: This feature allows administrators to configure whether to require a certificate on a per-url or per-fqdn basis. This setting is global on all Cisco ASA Software releases. Per-group Cisco Secure Desktop enable: This feature allows administrators to configure Cisco Secure Desktop functions on a per-url or per-fqdn basis. This setting is global on all Cisco ASA Software releases. Microsoft SharePoint 2007 support: Cisco ASA Software Release 8.2 provides official Microsoft SharePoint 2007 support for clientless SSL VPN connections. EKU tunnel group: Cisco ASA Software Release 8.2 provides an extended key usage (EKU) extension in the tunnel-group map. 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 5

Management features: Cisco Adaptive Security Device Manager (ASDM) Public Server Configuration Wizard: This wizard enables administrators to easily automate the process of configuring an ASA appliance to allow certain internal servers such as email or web servers to be publicly accessible on the Internet. Cisco ASDM OTP authentication, authorization, and accounting (AAA) support: This support allows administrative users to authenticate Cisco ASA appliances and ASDM through OTPs supported by RSA SecureID. This feature addresses security concerns associated with administrators using static passwords for authentication. Cisco ASDM support for Cisco Secure Desktop customization: This ASDM enhancement allows customers to customize how Cisco Secure Desktop screens are displayed to remote users, allowing administrators to show appropriate screens depending on a user s responsibilities and job functions. SNMPv3 support: Cisco ASA Software Release 8.2 supports Simple Network Management Protocol (SNMP) version 3, the newest version of SNMP, adding authentication and privacy options to secure protocol operations. Cisco NetFlow Secure Event Logging: This feature was originally introduced on the Cisco ASA 5580, and is now extended to other Cisco ASA models to provide administrators with more comprehensive event logging information. Upgrade Paths All Cisco ASA Software Releases (7.0, 7.2, 8.0, and 8.1) can be upgraded to Release 8.2. Ordering Information Existing Cisco ASA customers with Cisco SMARTnet service contracts can easily download Cisco ASA Software Release 8.2 at no additional cost. The software release prices are available on the Cisco price list. Table 1 lists ordering information for Cisco ASA Software Release 8.2. Table 1. Ordering Information for Cisco ASA Software Release 8.2 Software Licenses Cisco ASA 5500 Series Software Release 8.2 Cisco ASA 5500 Series Software Release 8.2 for ASA 5505 Unified Communications Proxy Licenses ASA 5500 UC Proxy 5000 sessions ASA 5500 UC Proxy 5000 sessions ASA 5500 UC Proxy 10000 sessions ASA 5500 UC Proxy 10000 sessions ASA 5500 UC Proxy 3000 to 5000 upgrade sessions ASA 5500 UC Proxy 5000 to 10000 upgrade sessions Botnet Traffic Filter Licenses ASA 5505 Botnet Traffic Filter License for 1 Year ASA 5510 Botnet Traffic Filter License for 1 Year ASA 5520 Botnet Traffic Filter License for 1 Year ASA 5540 Botnet Traffic Filter License for 1 Year ASA 5550 Botnet Traffic Filter License for 1 Year ASA 5580 Botnet Traffic Filter License for 1 Year SF-ASA-8.2-K8 SF-ASA5505-8.2-K8 ASA-UC-5000 ASA-UC-5000= ASA-UC-10000 ASA-UC-10000= ASA-UC-3000-5000= ASA-UC-5000-10000= ASA5505-BOT-1YR= ASA5510-BOT-1YR= ASA5520-BOT-1YR= ASA5540-BOT-1YR= ASA5550-BOT-1YR= ASA5580-BOT-1YR= 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 5

Software Licenses VPN Anyconnect Licenses AnyConnect Mobile ASA 5505 (req. Essentials or Premium) AnyConnect Mobile ASA 5510 (req. Essentials or Premium) AnyConnect Mobile ASA 5520 (req. Essentials or Premium) AnyConnect Mobile ASA 5540 (req. Essentials or Premium) AnyConnect Mobile ASA 5550 (req. Essentials or Premium) AnyConnect Mobile ASA 5580 (req. Essentials or Premium) AnyConnect Essentials VPN License ASA 5505 (25 Prs) AnyConnect Essentials VPN License ASA 5510 (250 Prs) AnyConnect Essentials VPN License ASA 5520 (750 Prs) AnyConnect Essentials VPN License ASA 5540 (2500 Prs) AnyConnect Essentials VPN License ASA 5550 (5000 Prs) AnyConnect Essentials VPN License ASA 5580 (10K Prs) VPN Shared Licenses Premium Shared VPN Server License 500 users Premium Shared VPN Server License 1000 users Premium Shared VPN Server License 2500 users Premium Shared VPN Server License 5000 users Premium Shared VPN Server License 7500 users Premium Shared VPN Server License 10K users Premium Shared VPN Server License 20K users Premium Shared VPN Server License 30K users Premium Shared VPN Server License 40K users Premium Shared VPN Server License 50K users Premium Shared VPN Server License 100K users Premium Shared VPN Participant License ASA 5510 Premium Shared VPN Participant License ASA 5520 Premium Shared VPN Participant License ASA 5540 Premium Shared VPN Participant License ASA 5550 Premium Shared VPN Participant License ASA 5580 ASA-AC-M-5505= ASA-AC-M-5510= ASA-AC-M-5520= ASA-AC-M-5540= ASA-AC-M-5550= ASA-AC-M-5580= ASA-AC-E-5505= ASA-AC-E-5510= ASA-AC-E-5520= ASA-AC-E-5540= ASA-AC-E-5550= ASA-AC-E-5580= ASA-VPNS-500= ASA-VPNS-1000= ASA-VPNS-2500= ASA-VPNS-5000= ASA-VPNS-7500= ASA-VPNS-10K= ASA-VPNS-20K= ASA-VPNS-30K= ASA-VPNS-40K= ASA-VPNS-50K= ASA-VPNS-100K= ASA-VPNP-5510= ASA-VPNP-5520= ASA-VPNP-5540= ASA-VPNP-5550= ASA-VPNP-5580= To place an order, visit the Cisco Ordering Home Page. To download software, visit the Cisco Software Center. Cisco Services Existing Cisco ASA customers with Cisco SMARTnet service contracts can easily download Cisco ASA Software Release 8.2 at no additional cost. The software release prices are available on the Cisco price list. Table 1 lists ordering information for Cisco ASA Software Release 8.2. Table 2 provides information on E-delivery licenses for electronic fulfillment. For More Information For more information about the Cisco ASA 5500 Series, visit http://www.cisco.com/go/asa or contact your local account representative. For Cisco ASA 5500 Series Adaptive Security Appliance licensing information, visit: http://www.cisco.com/en/us/products/ps6120/products_licensing_information_listing.html 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 5

Printed in USA C25-526545-00 03/09 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information