Adaptive security appliance (ASA) features
A firewall is a network security system that permits or blocks incoming and outgoing packets according to preset rules based on their IP addresses and port numbers. Adaptive Security Appliance (ASA) is the name Cisco gives its firewall.
There are a number of models in the Cisco ASA 5500 series, including the Cisco ASA 5505, Cisco ASA 5510, Cisco ASA 5515-X, Cisco ASA 5520, Cisco ASA 5525-X, Cisco ASA 5540, Cisco ASA 5550, Cisco ASA 5555-X, and Cisco ASA 5585-X.
Adaptive Security Appliance (ASA) is a Cisco security product that combines basic firewall functionality with VPN support, antivirus protection, and a number of other features. The following are some ASA features:
- Packet filtering: The straightforward process of filtering an incoming or outgoing packet based on the rules in the ACL configured on the device. The ACL contains a number of permit or deny conditions. If the traffic satisfies one of the rules, that rule is executed and no further rules are matched.
- Stateful filtering: By default, the ASA performs stateful tracking of a packet that travels from a higher security level to a lower security level. If traffic is initiated by a device at a higher security level toward a device at a lower security level (as destination), the TCP and UDP reply traffic is allowed by default, so the initiating device can, for example, telnet to the device at the lower security level. This is because stateful inspection is enabled by default; it maintains a stateful database in which an entry holds the source and destination device information, such as IP addresses and port numbers.
- Routing support - Static routing, default routing, and dynamic routing protocols like EIGRP, OSPF, and RIP are all supported by the ASA.
- Firewall modes - The ASA firewall has two modes of operation:
  - Routed mode: In this mode, the ASA functions as a layer 3 device (router hop) and requires its interfaces to have two distinct IP addresses, which means two distinct subnets.
  - Transparent mode: In this mode, the ASA operates at layer 2 and requires only a single IP address, used for management of the ASA, because the internal and external interfaces together act as a bridge.
- AAA support - AAA services are provided by the ASA either through a local database or an external server such as ACS (Access Control Server).
- VPN support - ASA supports SSL-based and policy-based VPNs such as point-to-point IPsec VPNs (including site-to-site and remote access VPNs).
- IPv6 support - Newer ASA versions support static and dynamic IPv6 routing.
- VPN load balancing - A Cisco-proprietary ASA feature. A number of ASA units can share a number of clients simultaneously.
- Stateful failover - ASA supports pairing two Cisco ASA devices for high availability. If one ASA fails, the other continues operating normally. When stateful failover is enabled, the active unit continuously transmits connection state data to the backup unit, so the new active unit has the same connection information after a failover.
- Clustering - With Cisco ASA's clustering feature, we can set up multiple ASA devices as a single logical device. A cluster can contain a maximum of 8 units. This provides both high throughput and redundancy.
- Advanced Malware Protection (AMP) - Cisco ASA supports next-generation firewall (NGFW) features that provide advanced malware protection in a single device by combining traditional firewall features with NGFW features.
- Modular Policy Framework (MPF) - MPF is used to specify policies for various traffic flows. The ASA uses it for advanced firewall features such as QoS, policing, and prioritising.
To use MPF, we define a class-map to identify the type of traffic, a policy-map to determine what actions, such as prioritising, should be taken, and a service-policy to determine where the policy is applied.
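The packet filtering and stateful filtering items in the feature list above describe first-match ACL evaluation and default reply handling between security levels. The following Python model of that behaviour is an added example, not Cisco code and not part of the original page. The interface names, security-level values and the `Rule`, `Packet` and `Firewall` names are assumptions, and only TCP/UDP flows are modelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample values: interface names and security levels are assumptions.
SECURITY_LEVEL = {"inside": 100, "dmz": 50, "outside": 0}

@dataclass(frozen=True)
class Rule:
    action: str    # "permit" or "deny"
    proto: str     # "tcp", "udp" or "ip" (any protocol)
    src: str       # source network, CIDR
    dst: str       # destination network, CIDR
    port: int = 0  # destination port, 0 = any

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

def acl_decision(acl, pkt):
    """Packet filtering: the first matching rule decides; implicit deny at the end."""
    for rule in acl:
        if (rule.proto in ("ip", pkt.proto)
                and ip_address(pkt.src) in ip_network(rule.src)
                and ip_address(pkt.dst) in ip_network(rule.dst)
                and rule.port in (0, pkt.dport)):
            return rule.action      # later rules are never consulted
    return "deny"

class Firewall:
    """Simplified model of TCP/UDP handling; not a full ASA implementation."""
    def __init__(self, ingress_acls=None):
        self.acls = ingress_acls or {}  # interface name -> ACL applied inbound
        self.conns = set()              # stateful database of tracked flows

    def handle(self, pkt, ingress, egress):
        flow = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reply_to = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.conns or reply_to in self.conns:
            return "permit (existing connection)"
        if ingress in self.acls:        # an ACL on the interface decides
            allowed = acl_decision(self.acls[ingress], pkt) == "permit"
        else:                           # default: only higher -> lower may initiate
            allowed = SECURITY_LEVEL[ingress] > SECURITY_LEVEL[egress]
        if not allowed:
            return "deny"
        self.conns.add(flow)            # remember it so reply traffic is allowed
        return "permit (new connection)"
```

Passing an outside-to-inside packet to `handle` before and after the matching inside-to-outside packet shows the result change from a deny to a permit once the flow is in the state table.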