Data Sheet

ManualsBrandsCisco Manualshardware firewallsCisco ASA 5525-X Adaptive Security Appliance

Data Sheet

Intrusion Prevention for the Cisco ASA 5500-X

Series

As users and data leave the corporate boundary and the network access layer

becomes more porous, traditional signature technology alone will not suffice. Only

Cisco

intrusion prevention (IPS) technology, backed by Cisco Security Intelligence

Operations (SIO), identifies and mitigates attackers and attacks up to Layer 7 with

market-leading, context-aware threat prevention that augments your firewall and VPN

deployment.

The Cisco ASA 5500-X Series IPS Solution scales from the Cisco Borderless Network Architecture to data center

architectures, with integrated form factors ranging from 1 Gbps to 10 Gbps. Strong default efficacy allows you to

install a device and secure your network immediately. Achieve full visibility across your network with Cisco Security

Manager to mitigate risk and meet compliance - all while reducing your expenses.

Figure 1. Cisco ASA with IPS Product Family

Mitigate Risks

Manage risks with a broad and deep set of inspection capabilities:

●

Defend against zero-day attacks with over 40 engines and 6500 stateful, vulnerability-based signatures that

protect against tens of thousands of current exploits - and countless more to come.

●

Inspect a wide variety of protocols to ensure RFC conformance and prevent hacks.

●

Identify the source of and block denial of service (DoS), distributed denial of service (DDoS), SYN flood,

and encrypted attacks with Cisco Global Correlation.

●

Use patented anti-evasion technology to defend and monitor against worms, viruses, Trojans,

reconnaissance attacks, spyware, botnets, phishing, peer to peer attacks, and malware, as well as

numerous evasion techniques.

●

Guard Cisco infrastructure with specific protections for Unified Communications, WLAN, routing, and

switching.

●

Utilize identity-based firewall to provide granular and powerful policy definition.

Summary of content (7 pages)

PAGE 1
Data Sheet Intrusion Prevention for the Cisco ASA 5500-X Series As users and data leave the corporate boundary and the network access layer becomes more porous, traditional signature technology alone will not suffice. Only Cisco® intrusion prevention (IPS) technology, backed by Cisco Security Intelligence Operations (SIO), identifies and mitigates attackers and attacks up to Layer 7 with market-leading, context-aware threat prevention that augments your firewall and VPN deployment.
PAGE 2
Ensure Compliance ● U.S. Sarbanes-Oxley Act (SOX) ● U.S. Gramm-Leach-Bliley Act (GLBA) ● Payment Card Industry Data Security Standard (PCI DSS) ● NERC Critical Infrastructure Protection (CIP) ● Health Insurance Portability and Accountability Act (HIPAA) ● U.S. Federal Information Security Management Act (FISMA) Seamless Network Integration A critical component of the SecureX framework, Cisco IPS technology seamlessly integrates into the Cisco ASA firewall and network architecture.
PAGE 3
Complete Control and Real-Time Visibility Cisco provides management solutions for a few Cisco IPS devices or hundreds. Cisco IPS Manager Express (Figure 2) is an all-in-one IPS management and reporting application for up to 10 devices. Cisco Security Manager is an enterprise-class security management application with thousands of real-world deployments.
PAGE 4
Table 1.
PAGE 5
Table 2.
PAGE 6
Product Name Part Number Cisco ASA 5585-X Adaptive Security Appliances Cisco ASA 5585-X Adaptive Security Appliance with IPS SSP-10 (IPS SSP-10 bundle includes 8 Gigabit Ethernet interfaces, 2 Gigabit Ethernet management interfaces, 5000 IPsec VPN peers, 2 SSL VPN peers, DES license) ASA5585-S10P10-K8 Cisco ASA 5585-X Firewall Edition SSP-10 (IPS SSP-10 bundle includes 8 Gigabit Ethernet interfaces, 2 Gigabit Ethernet management interfaces, 5000 IPsec VPN peers, 2 SSL VPN peers, 3DES/AES license) ASA55
PAGE 7
Cisco Services for IPS Cisco Services for IPS is an integral part of the Cisco ASA 5500-X Series IPS Solution and enables operators to receive time-critical signature file updates and alerts. Part of the Cisco Technical Support Services portfolio, Cisco Services for IPS allows your Cisco ASA 5500-X Series IPS Solution to stay current on the latest threats so that malicious or damaging traffic is accurately identified, classified, and stopped.