Quick Guide to Cisco ASA Models
- select the contributor at the end of the page -
Adaptive Security Appliance (ASA) Overview
Cisco has been one of the leaders in network security for some time and with the development of their Adaptive Security Appliance (ASA) line of devices has firmly grouped them in the pack of good network security options for both small and large businesses.
The backbone of any network security appliance is a firewall; a firewall is used to control which traffic is allowed in to and out of a specific network. At the heart of the ASA is a world class (application aware) firewall which was built off the very successful line of PIX security appliances. This is then tightly integrated with an Intrusion Prevention System (IPS) and with support for a variety of different Virtual Private Network (VPN) technologies.
Another advantage that exists with the ASA is the wide range of capable models for almost any potential implementation type.
5505, 5510, 5512-X and 5515-X
The 5505, 5510, 5512-X and 5515-X models are focused on the small office and branch office locations. These models offer up to 1.2 Gigabits per second of inspected throughput, up to 250,000 concurrent sessions and up to 15,000 connections per second as well as support for IPS and VPN capabilities.
5520,5525-X,5540,5545-X,5550 and 5555-X
The 5520, 5525-X, 5540, 5545-X, 5550 and 5555-X models are focuses for devices that sit at the Internet edge of an organization. These models support up to 4 Gigabits per second of inspected throughput, up to 1,000,000 concurrent sessions, up to 50,000 connections per second and support for up to 1.1 million packets a second of forwarding potential. This performance is then backed with extended support for an IPS and many different types of VPN's.
5585-X and ASA Services Module
The 5585-X and ASA services module (for a Catalyst 6500) are used in large scale enterprise/data center deployments. These are the top of the line in terms of performance. These modes support up to 10 Gigabits per second of inspected throughput, up to 10,000,000 concurrent sessions, up to 350,000 connections per seconds and support for up to 9 million packets a second of forwarding potential. Support for different features depends on the model, but remember that these devices are intended to be placed in a central location which commonly is not where features like VPN's are terminated.
The ASA models are certainly a good option when selecting a security appliance for almost all possible situations and should be considered along with all of the various options on the market today.