Javatpoint Logo
Javatpoint Logo

Adaptive security appliance (ASA) features

A firewall is a type of network security system that responds to incoming or outgoing packets according to preset rules based on their IP address and port number. Adaptive Security Appliance is what Cisco calls its firewall (ASA).

There are a number of models in the Cisco ASA 5500 series, including the Cisco ASA 5505, Cisco ASA 5510, Cisco ASA 5515-X, Cisco ASA 5520, Cisco ASA 5525-X, Cisco ASA 5540, Cisco ASA 5550, Cisco ASA 5555-X, and Cisco ASA 5585-X.

Adaptive Security Appliance (ASA) is a Cisco security product that combines basic firewall functionality with VPN support, antivirus protection, and a number of other features. The following are some ASA features:

  • Packet filtering: It is the straightforward process of filtering an incoming or outgoing packet based on the rules set forth in the ACL that has been configured for the device. It includes a number of allowable or prohibited conditions. No other rule is matched and the matched rule is executed if the traffic satisfies one of the rules.
  • Stateful filtering: If a packet is generated from a higher security level to a lower security level by default, ASA performs stateful tracking of the packet. TCP and UDP reply traffic will by default be allowed and will be able to, for example, telnet the other device in Lower security level if the traffic is initiated by the devices in Higher security levels for lower security levels device (as destination). This is due to stateful inspection being enabled by default, which maintains a stateful database (in which an entry about the source and destination device information such as IP address, port numbers are maintained).
  • Routing support -Static routing, default routing, and dynamic routing protocols like EIGRP, OSPF, and RIP are all supported by the ASA.
  • ASA's transparent firewall has two modes of operation:
    • Routed mode: In this mode, the ASA functions as a layer 3 device (router hop) and requires that its interface have two distinct IP addresses, which translates to two distinct subnets.
    • Transparent mode: In this mode, ASA operates at layer 2 and requires only a single IP address to manage ASA-related tasks because both the internal and external interfaces serve as a bridge.
  • Support for AAA services is provided by ASA either through a local database or a third-party server like ACS (Access Control Server).
  • VPN support - ASA supports SSL-based and policy-based VPNs such as point-to-point IPsec VPNs (including site-to-site VPN and remote access VPNs).
  • IPv6 support - ASA (new versions) supports static and dynamic IPv6 routing.
  • VPN load balancing is a Cisco ASA feature that is proprietary to Cisco. A number of ASA units can simultaneously share a number of clients.
  • Stateful failover - ASA supports a pair of Cisco ASA devices for high availability. The other ASA device will continue operating normally even if one of the ASA fails. When stateful failover is enabled, the active unit continuously transmits backup device connection state data. The new active unit has access to the same connection information following the failover.
  • With Cisco ASA's clustering feature, we can set up multiple ASA devices as a single logical device. There can be a maximum of 8 cohesive units in the cluster. High throughput and redundancy are both produced as a result of this.
  • Advanced Malware Protection (AMP) - Cisco ASA supports Next-Generation firewall features that can provide advanced malware protection in a single device by combining traditional firewall features with NGFW features.
  • MPF, or the Modular Policy Framework, is used to specify policies for various traffic flows. In order to use advanced firewall features like QoS, Policing, prioritising, etc., it is used in ASA.
    In order to use MPF, we define the Class-map to identify the type of traffic, the Policy-map to determine what actions, such as prioritising, should be taken, and the Service-Policy to determine where they should be used.
Next TopicRelabel-to-front Algorithm




Youtube For Videos Join Our Youtube Channel: Join Now

Feedback

Help Others, Please Share

facebook twitter pinterest

Learn Latest Tutorials

Splunk tutorial

Splunk
SPSS tutorial

SPSS
Swagger tutorial

Swagger
T-SQL tutorial

Transact-SQL
Tumblr tutorial

Tumblr
React tutorial

ReactJS
Regex tutorial

Regex
Reinforcement learning tutorial

Reinforcement Learning
R Programming tutorial

R Programming
RxJS tutorial

RxJS
React Native tutorial

React Native
Python Design Patterns

Python Design Patterns
Python Pillow tutorial

Python Pillow
Python Turtle tutorial

Python Turtle
Keras tutorial

Keras

Preparation

Aptitude

Aptitude
Logical Reasoning

Reasoning
Verbal Ability

Verbal Ability
Interview Questions

Interview Questions
Company Interview Questions

Company Questions

Trending Technologies

Artificial Intelligence

Artificial Intelligence
AWS Tutorial

AWS
Selenium tutorial

Selenium
Cloud Computing

Cloud Computing
Hadoop tutorial

Hadoop
ReactJS Tutorial

ReactJS
Data Science Tutorial

Data Science
Angular 7 Tutorial

Angular 7
Blockchain Tutorial

Blockchain
Git Tutorial

Git
Machine Learning Tutorial

Machine Learning
DevOps Tutorial

DevOps

B.Tech / MCA

DBMS tutorial

DBMS
Data Structures tutorial

Data Structures
DAA tutorial

DAA
Operating System

Operating System
Computer Network tutorial

Computer Network
Compiler Design tutorial

Compiler Design
Computer Organization and Architecture

Computer Organization
Discrete Mathematics Tutorial

Discrete Mathematics
Ethical Hacking

Ethical Hacking
Computer Graphics Tutorial

Computer Graphics
Software Engineering

Software Engineering
html tutorial

Web Technology
Cyber Security tutorial

Cyber Security
Automata Tutorial

Automata
C Language tutorial

C Programming
C++ tutorial

C++
Java tutorial

Java
.Net Framework tutorial

.Net
Python tutorial

Python
List of Programs

Programs
Control Systems tutorial

Control System
Data Mining Tutorial

Data Mining
Data Warehouse Tutorial

Data Warehouse