Cisco ASA 5506 - DSA Executive Level Review

When Cisco launched its ASA firewall series with FirePOWER services, its aim was to deliver a single security firewall appliance that provides a single easy-to-use, simple-to-implement device that handles multiple types of new and advanced security threats.

The logic behind the product is clear. One of the greatest security risks faced even by small businesses is that they often have multiple security solutions from multiple vendors. This increases complexity and means that there is no single view for all their security concerns. The net effect here is that the chances for security vulnerabilities are instantly amplified.

The Cisco ASA 5506 (part of the ASA 5500 series family) was designed to overcome this problem. Packaged in a neat box and targeted at small businesses, this product aims to deliver next generation security against multiple threats - from a single simple and intuitive interface.

The ASA 5506 is categorised as a Next Generation Firewall (NGFW), which refers to capabilities beyond the access control that traditional firewall products provide, such as application filtering. However not all NGFW are created equal, and with the ASA 5500 series NGFW family, Cisco clearly differentiates itself.

Cisco talks about multi-layered protection across the whole attack continuum – this means defence needs to span across before, during and after an attack. It also means consolidating all security event monitoring into a single management platform. What does this actually mean for the ASA 5506?

In addition to traditional firewall capabilities, it also includes:

· Next Generation Intrusion Prevention System (NGIPS)
· Advanced Malware Protection
· Application Visibility
· Reputation Based URL filtering

Looking beneath the headlines on the product feature list, Cisco has taken a lot of their enterprise experience and packed it into the SME focused device. For example, if we look at user and endpoint analysis which is a critical feature on any firewall, most products pitched at this market space will have user awareness, but will not have endpoint awareness or need to integrate with separate endpoint software. The ASA 5506, not only has user and endpoint awareness built in but also has awareness of user history over multiple devices.

Another example is NGIPS. Most firewalls will have a tick in the box confirming they have IPS but in many cases, this will be signature-based, meaning that an exact sequence of bytes is being looked for in network traffic. However today the attacks are more complex and come from multiple vectors. The ASA 5506 utilises real-time contextual awareness, which means it can spot more complex threats that do not follow an expected sequence. Also, because the ASA 5506 contextualises its analysis using user, device and location history, it will throw up far fewer false positives than signature-based products, ensuring that the devices, files and people you want to get through, do so.

One other example to highlight the level of sophistication and integration that Cisco has put into this device is sandboxing. This is an important security technique used to separate a potentially malicious program from production systems, that allow it to execute without it being able harm the live environment. Many SMB firewalls do not have Sandbox capability at all, and for those that do, it is rarely included and usually made available as an optional extra. This capability is built into the ASA 5506 series.

The technology is certainly enterprise class but this is a standalone unit that takes this technology and packages it in a format suitable for small and medium businesses. Delivering an uncompromising feature set, with cost effective pricing and simplicity of installation and management.

Click here for more special security offers powered by Cisco! 

You might also like
Most comment
share us your thought

0 Comment Log in or register to post comments