Data Sheet
Data Sheet
© 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 22
For business continuity and event planning, the Cisco ASA 5520 can also benefit from the Cisco VPN FLEX licenses,
which enable administrators to react to or plan for short-term bursts of concurrent Premium VPN remote-access
users, for up to a 2-month period.
The advanced application-layer security and content security defenses provided by the Cisco ASA 5520 can be
extended by deploying the high-performance intrusion prevention and worm mitigation capabilities of the AIP SSM, or
the comprehensive malware protection of the CSC SSM. Using the optional security context capabilities of the Cisco
ASA 5520 Adaptive Security Appliance, businesses can deploy up to 20 virtual firewalls within an appliance to enable
compartmentalized control of security policies on a departmental level. This virtualization strengthens security and
reduces overall management and support costs while consolidating multiple security devices into a single appliance.
Table 3 lists features of the Cisco ASA 5520.
Table 3. Cisco ASA 5520 Adaptive Security Appliance Platform Capabilities and Capacities
Feature
Description
Firewall Throughput
Up to 450 Mbps
Maximum Firewall and IPS Throughput
●
Up to 225 Mbps with AIP SSM-10
●
Up to 375 Mbps with AIP SSM-20
●
Up to 450 Mbps with AIP SSM-40
VPN Throughput
Up to 225 Mbps
Concurrent Sessions
280,000
IPsec VPN Peers
750
Premium AnyConnect VPN Peer License Levels
*
2,10, 25, 50, 100, 250, 500, or 750
Security Contexts
*
Up to 20
Interfaces
4 Gigabit Ethernet ports and 1 Fast Ethernet port
Virtual Interfaces (VLANs)
150
Scalability
VPN clustering and load balancing
High Availability
Active/Active
**
, Active/Standby
Performance numbers tested and validated with Cisco ASA Software Release 7.2.
Cisco ASA 5540 Adaptive Security Appliance
The Cisco ASA 5540 Adaptive Security Appliance delivers high-performance, high-density security services with
Active/Active high availability and Gigabit Ethernet connectivity for medium-sized and large enterprise and service-
provider networks, in a reliable, modular appliance. With four Gigabit Ethernet interfaces and support for up to 100
VLANs, businesses can use the Cisco ASA 5540 to segment their network into numerous zones for improved
security. The Cisco ASA 5540 Adaptive Security Appliance scales with businesses as their network security
requirements grow, delivering exceptional investment protection and services scalability. The advanced network and
application-layer security services and content security defenses provided by the Cisco ASA 5540 Adaptive Security
Appliance can be extended by deploying the AIP SSM for high-performance intrusion prevention and worm
mitigation.
Businesses can scale their SSL and IPsec VPN capacity to support a larger number of mobile workers, remote sites,
and business partners. Up to 2500 AnyConnect and/or clientless VPN peers can be supported on each Cisco ASA
5540 by installing an Essential or a Premium AnyConnect VPN license; 5000 IPsec VPN peers are supported on the
base platform. VPN capacity and resiliency can also be increased by taking advantage of the integrated VPN
clustering and load-balancing capabilities of the Cisco ASA 5540. The Cisco ASA 5540 supports up to 10 appliances
in a cluster, supporting a maximum of 25,000 AnyConnect and/or clientless VPN peers or 50,000 IPsec VPN peers
*
Separately licensed feature; includes two with base system
**
Available for the firewall feature set