Datasheet
© 2005 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Page 13 of 20
Feature Benefit
DHCP Relay • Forwards DHCP requests from internal devices to an administrator-specified DHCP server, helping enable
centralized distribution, tracking, and maintenance of IP addresses
Network Time Protocol
(NTPv3) Client
• Provides convenient method for synchronizing the clock on Cisco ASA 5500 Series appliances with other devices
on a network
Flexible Management Solutions
Cisco ASDM • Offers simple, secure remote management of Cisco ASA 5500 Series appliances through world-class, integrated,
Web-based GUI
• Provides a wide range of informative, real-time, and historical reports that give critical insight into usage trends,
performance baselines, and security events
Command Line Interface
(CLI)
• Allows customers to use existing Cisco PIX Security Appliance and Cisco IOS Software CLI knowledge for easy
installation and management without additional training
• Supports improved ease of use with services such as command completion, context-sensitive help, and command
aliasing
• Accessible through variety of methods, including console port, Telnet, and SSHv2
Cisco Modular Policy
Framework
• Provides a powerful, highly flexible framework for defining flow- or class-based policies, enabling administrators to
identify a network flow or class based on different conditions, and then apply a set of customizable services to
each flow or class
• Improves control over applications by introducing the ability to have flow- or class-specific firewall and inspection
policies, QoS policies, connection limits and timers, and more
Authentication,
Authorization, and
Accounting (AAA) Services
• Enables the strong authentication of users through the Cisco ASA 5500 Series appliances through a local user
database or through integration with enterprise databases, either directly using TACACS+ and RADIUS or
indirectly with Cisco Secure Access Control Server (ACS)
• Supports up to 16 levels of customizable administrative roles, so that businesses can grant administrators and
operations personnel the appropriate level of access to each appliance; for example, monitoring-only access,
read-only access to the configuration, network configuration only, firewall configuration only, and so on
• Provides the ability to generate TACACS+ AAA records for tracking administrative access to Cisco ASA 5500
Series appliances, as well as tracking all configuration changes made during an administrative session
• Supports sending accounting information to multiple RADIUS servers simultaneously
• Enhances network resiliency by giving administrative the ability to dynamically fall back to the local user database
in case of external TACACS+ or RADIUS server outages
Cut-Through Proxy
Services
• Provides three different methods to optionally authenticate users (over HTTP, HTTPS, or Telnet), which can be
required before any network traffic from that user can traverse the Cisco ASA 5500 Series appliance
• Uses AAA framework for source of user authentication—authenticating through either the local user database on
the appliance or a wide variety of popular third-party authentication services (through TACACS+ or RADIUS
integration)
SNMP Monitoring • Includes support for both SNMPv2 and SNMPv2c, providing in-depth visibility into the status of Cisco ASA 5500
Series appliances
• Provides services such as 64-bit counters (for monitoring the Gigabit Ethernet interfaces) and support for bulk MIB
data transfers
• Support for many SNMP MIBs, including the SNMPv2 MIB (RFC 1907), the Interfaces Group MIB (RFCs 1573 and
2233), the IP MIB (RFC 2011), and the Entity MIB (RFC 2737)
• Provides complete visibility into VPN connections with detailed per-tunnel statistics, including tunnel uptime, bytes
and packets transferred, and more, through support for the Cisco IPSec Flow Monitoring MIB