Cisco ASA

In computer networking, Cisco ASA 5500 Series Adaptive Security Appliances, or simply Cisco ASA 5500 Series, is Cisco's line of network security devices introduced in 2005,^[1] that succeeded three existing lines of popular Cisco products:

Cisco PIX, which provided firewall and network address translation (NAT) functions.
Cisco IPS 4200 Series, which worked as intrusion prevention system (IPS).
Cisco VPN 3000 Series Concentrators, which provided virtual private networking (VPN).

Specifications of past and present models

Like the Cisco PIX firewalls, the ASAs are based on Intel x86 architecture. The ASA series of devices run PIX code 7.0 and later. Through PIX OS release 7.x the PIX and the ASA use the same software images. Examples of emulators include PEMU and Dynagen [1], and with NetworkSims (Networksims) for a simulator.

Model	5505	5510	5520	5540	5550	5580-20	5580-40
Introduced	2006	2005	2005	2005	2006	2008	2008
CPU Type	AMD Geode LX	Intel Celeron	Intel Pentium 4 Celeron	Intel Pentium 4	Intel Pentium 4	AMD Opteron (2 CPU, 4 cores)	AMD Opteron (4 CPU, 8 cores)
CPU Speed	500 MHz	1.6 GHz	2.0 GHz	2.0 GHz	3.0 GHz	2.6 GHz	2.6 GHz
Chipset	Geode CS5536		Intel 875P Canterwood
Default RAM	256 MB	256 MB	512 MB	1 GB	4 GB	8 GB	12 GB
Boot Flash Device	ATA CompactFlash	ATA CompactFlash	ATA CompactFlash	ATA CompactFlash	ATA CompactFlash	ATA CompactFlash	ATA CompactFlash
Default Flash	64MB	64MB	64MB	64MB	64MB	1GB	1GB
Min OS Version	7.2.1	7.0.1	7.0.1	7.0.1	7.1.1	8.1.1	8.1.1
Max Virtual Interfaces	3 (trunking disabled) or 20 (trunking enabled) with Sec Plus License	50 or 100 with Sec Plus License	150	200	250	250	250
Network chipset(s)	Marvell 88E6095
Expansion Modules Supported	AIP-SSC	CSC-SSM, AIP-SSM, 4GE-SSM	CSC-SSM, AIP-SSM, 4GE-SSM	CSC-SSM, AIP-SSM, 4GE-SSM	No	6 Interface Cards	6 Interface Cards
Supports SSL VPN	Yes - 2 included, Max 25	Yes - 2 included, Max 250	Yes - 2 included, Max 750	Yes - 2 included, Max 2500	Yes - 2 included, Max 5000	Yes - 2 included, Max 10000	Yes - 2 included, Max 10000
Failover Supported	Stateless Active/Standby (with Sec Plus License)	Active/Standby, Active/Active (with Sec Plus License)	Active/Standby, Active/Active	Active/Standby, Active/Active	Active/Standby, Active/Active	Active/Standby, Active/Active	Active/Standby, Active/Active
Model	5505	5510	5520	5540	5550	5580-20	5580-40

Performance specifications

Model	ASA 5505^[2]	ASA 5510^[2]	ASA 5520^[2]	ASA 5540^[2]	ASA 5550^[2]	ASA 5580-20^[2]	ASA 5580-40^[2]	ASA 5585-X SSP10^[2]	ASA 5585-X SSP20^[2]	ASA 5585-X SSP40^[2]	ASA 5585-X SSP60^[2]
Cleartext throughput, Mbit/s	150	300	450	650	1,200	5,000	10,000	3,000	7,000	12,000	20,000
AES/Triple DES throughput, Mbit/s	100	170	225	325	425	1,000	1,000	1,000	2,000	3,000	5,000
Max simultaneous connections	10,000 (25,000 with Sec Plus License)	50,000 (130,000 with Sec Plus License)	280,000	400,000	650,000	1,000,000	2,000,000	1,000,000	2,000,000	4,000,000	10,000,000
Max site-to-site and remote access VPN sessions	10 (25 with Sec Plus License)	250	750	5,000	5,000	10,000	10,000	5,000	10,000	10,000	10,000
Max number of SSL VPN user sessions	25	250	750	2,500	5,000	10,000	10,000	5,000	10,000	10,000	10,000
Model	ASA 5505	ASA 5510	ASA 5520	ASA 5540	ASA 5550	ASA 5580-20	ASA 5580-40	ASA 5585-X SSP10	ASA 5585-X SSP20	ASA 5585-X SSP40	ASA 5585-X SSP60

References

^ Cisco press release quote: "Las Vegas (Interop) May 3, 2005 – Cisco Systems, Inc., today announced the availability of the Cisco ASA 5500 Series Adaptive Security Appliance s"
^ ^a ^b ^c ^d ^e ^f ^g ^h ⁱ ^j ^k "Cisco ASA Model Comparison page". Retrieved 2008-05-15.

External links

[1] Cisco press release quote: "Las Vegas (Interop) May 3, 2005 – Cisco Systems, Inc., today announced the availability of the Cisco ASA 5500 Series Adaptive Security Appliance s"

[cisco1-2] ^ ^a ^b ^c ^d ^e ^f ^g ^h ⁱ ^j ^k "Cisco ASA Model Comparison page". Retrieved 2008-05-15.

[1]

[2]