Meet the industry’s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco® ASA with FirePOWER Services delivers integrated threat defense for the entire attack continuum – before, during, and after an attack. How? By combining the proven security capabilities of the Cisco ASA firewall with the industry-leading Sourcefire® threat and Advanced Malware Protection (AMP) features together in a single device. The solution uniquely extends the capabilities of the Cisco ASA 5500-X Series Next-Generation Firewalls beyond what today’s NGFW solutions are capable of. Whether you need protection for a small or midsized business, a distributed enterprise, or a single data center, Cisco ASA with FirePOWER Services provides the needed scale and context in a NGFW solution.
Superior Multilayered Protection
Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA is the world’s most widely deployed, enterprise-class stateful firewall. Cisco ASA with FirePOWER Services features these comprehensive capabilities:
● Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
● Granular Application Visibility and Control (AVC) supports more than 4,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
● The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.
● Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
● AMP provides industry-leading breach detection effectiveness, sandboxing, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.
|Feature||Cisco ASA 5506-X w/ FirePOWER Services|
Application Control (AVC)
Application Control (AVC) and IPS
|Sizing Throughput [440 byte HTTP]2:
Application Control (AVC) or IPS
|Maximum concurrent sessions||20,000; 500001|
|Maximum New Connections per second||5,000|
|Supported applications||More than 3,000|
|Number of URLs categorized||More than 280 million|
|Centralized configuration, logging, monitoring, and reporting||Multi-device Cisco Security Manager (CSM) and Cisco Firepower Management Center|
|On-Device Management||ASDM (version 7.3 or higher required)||ASDM|