New ASA Virtual Features in Release 9.24
|
Feature |
Version |
Details |
Supported Cloud Platforms |
|---|---|---|---|
|
IPSec traffic acceleration and offload using DPUs on KVM |
9.24.1 |
Internet Protocol Security (IPSec) traffic acceleration and offload on a Data Processing Unit (DPU) running on KVM shifts encryption-intensive packet processing from the host CPU to a dedicated DPU hardware. This feature is implemented in modern data centers to improve performance, reduce CPU overhead, and enhance power efficiency. For more information, see IPSec Traffic Acceleration and Offload Using DPUs on KVM. |
KVM |
|
OCI ASA Virtual Ampere A1 (ARM) Compute Shape support |
9.24.1 |
The feature supports deployment of ARM-based ASA Virtual Flex instances on Oracle Cloud Infrastructure (OCI). For more information, see Overview. |
OCI |
|
Secure Boot and UEFI firmware support |
9.24.1 |
ASA Virtual is compatible with UEFI-based virtual machines. This modern firmware interface replaces legacy BIOS, improves boot performance, and provides enhanced hardware/VM compatibility. Secure Boot ensures that only signed and trusted boot-loaders, kernel modules, and drivers are loaded when the VM starts. It improves the virtual appliances security. For more information, see the relevant sections in the corresponding Cloud platform. |
All platforms For OCI, only UEFI mode is supported. |
|
OpenStack Caracal support |
9.24.1 |
ASA Virtual deployment is supported on the Caracal release of OpenStack. This enables customers to use Cisco virtual security appliances on environments that use Caracal, expanding compatibility with the latest OpenStack platform. For more information, see System Requirements. |
OpenStack |
|
Nutanix AOS 7.3.0.6 support |
9.24.1 |
With the release of Nutanix AOS 7.3.0.6, Cisco Secure Firewall continues to support ASA Virtual deployments on Nutanix environments. Nutanix AOS 7.3.0.6 builds on the VPC capabilities introduced in earlier Nutanix AOS releases, providing functionality similar to VPCs available in public cloud environments. This enhancement allows more flexible and cloud-like network segmentation and isolation within Nutanix environments, enabling customers to design and scale secure multi-tenant architectures more effectively. For more information, see System Requirements. |
Nutanix |
|
Dual ARM Multi AZ Clustering |
9.24.1 |
A Dual-Arm proxy is a network deployment mode that enables the ASA Virtual to inspect traffic, applies Network Address Translation (NAT), and sends it directly from its outside interface to the Internet via the Internet Gateway. This direct egress path bypasses the GWLB and its endpoint on egress, streamlining traffic flow for greater efficiency. For more information, see AWS Gateway Load Balancer and Geneve Dual-Arm Proxy section in Cisco Secure Firewall ASA Series General Operations CLI Configuration Guide. |
AWS |
| ASA Virtual Cloud Virtual Clustering enhancements in GCP | 9.24.1 |
ASA Virtual clustering solution in Google Cloud Platform (GCP) is enhanced with dynamic autoscaling capabilities. The autoscale solution is based on CPU utilization metrics and helps to achieve optimal resource usage. For more information, see ASA Virtual Clustering with Autoscale Solution in GCP section in Cisco Secure Firewall ASA Series General Operations CLI Configuration Guide. |
GCP |
Feedback