Guest

Cisco ASA 5500-X Series Next-Generation Firewalls

Cisco ASA 5500-X Series - Why Upgrade White Paper

  • Viewing Options

  • PDF (269.9 KB)
  • Feedback

Multifaceted, highly dynamic applications and the growing acceptance of bring-your-own-device (BYOD) have dramatically altered the security landscape. With more than 100,000 new web-based threats emerging each day, businesses need a security solution that’s proactive, comprehensive, and network-integrated - and that helps accelerate business operations.

Cisco ASA Next-Generation Firewall Services add next-generation capabilities like Application Visibility and Control (AVC) and Web Security Essentials (WSE) to the industry’s most proven stateful inspection firewall - for end-to-end network intelligence and streamlined security operations.

1. Proactive Security

Cisco ASA 5500-X Series Next-Generation Firewalls protect networks against many types of malware, including web-based threats, vulnerabilities, and advanced persistent threats (APTs) via Cisco Cloud Web Security and Cisco Security Intelligence Operations (SIO).

Cisco Cloud Web Security provides centralized, cloud-based integration with Cisco ASA firewalls and integrated services routers, delivering localized network security, comprehensive malware protection, visibility and control of web applications.

Cisco SIO is a cloud-based service that performs real-time analysis of telemetry from nearly two million security devices and more than 150 million mobile endpoints throughout the world. Continuous updates on Internet threats, network vulnerabilities, and host site reputation are sent to Cisco security devices every three to five minutes, providing near real-time protection from zero-day threats. Cisco customers can use this information to develop and enforce more granular, robust security policies to proactively protect their networks months ahead of a specific threat.

2. Comprehensive Suite of Security Services

Cisco ASA 5500-X Series Next-Generation Firewalls integrate with a wide range of software- and cloud-based security services that our customers need today, and are built to scale to the meet the functional and security requirements of future networks. Current next-generation firewall services include:

Application Visibility and Control (AVC)

Web Security Essentials (WSE)

Intrusion prevention (IPS)

Botnet filter

Cisco AnyConnect® VPN

Cisco Cloud Web Security (CWS)

Multiple software services can be run simultaneously on the same firewall without significant performance degradation.

3. Network Integration

With Cisco ASA 5500-X Series Next-Generation Firewalls, customers can choose their security deployment options based on their business needs and challenges. By integrating the firewall with the network infrastructure, IT can simplify firewall management and optimize protection.

Cisco TrustSec® is available on Cisco ASA Software Release 9.0 and later to allow firewalls to participate in a broader policy framework that can simplify firewall policy management by as much as 80% and more rapidly adapt to changing users.

Cisco ASA 5500-X Series Next-Generation Firewalls are designed to integrate with Cisco Cloud Web Security. For customers interested in granular AVC capabilities and differentiated access based on users, devices, and applications, the firewalls provide an on-premise security solution.

4. Performance without Compromise

Cisco ASA 5500-X Series Next-Generation Firewalls help increase the performance of the most critical network services by providing:

300% higher firewall throughput than the previous generation

60% higher VPN throughput than the previous generation

Multicore enterprise-class CPUs

Next-generation encryption support

Integrated IPS acceleration hardware on the ASA 5525-X, 5545-X, and 5555-X firewalls

Customer Incentives

Cisco is offering customer incentives on the Application, Visibility and Control (AVC) and Web Security Essentials (WSE) subscriptions until January 25, 2014:

25% off a 1-year AVC and WSE combined subscription
33% off a 3-year AVC and WSE combined subscription (essentially, three years for the price of two)

Note: An SSD is required to run AVC and WSE on ASA 5500-X Series Next-Generation Firewalls. SSD bundles have the ASA CX software image pre-loaded, and customers receive a free 60-day trial of the WSE and AVC subscriptions.

Summary

Cisco ASA Next-Generation Firewall Services enable organizations to rapidly adapt to evolving business needs without abandoning time-tested methods. Blending a proven stateful inspection firewall application with user ID awareness and a host of additional network-based security controls, ASA Next-Generation Firewall Services deliver end-to-end network intelligence and streamlined security operations for enhanced visibility and control of network traffic.

For more information about the Cisco ASA 5500-X Series, visit here or contact your account manager.

You might also be interested in reading: Cisco ASA 5500-X Series Next-Generation Firewalls Q&A

Migrating from Cisco ASA 5500 Series to ASA 5500-X Series Midrange Appliances