Private Firewall Software: Cisco ASA 5500 Series IPS Edition for the Enterprise
Attacks on critical information assets and infrastructure can seriously degrade an organization's ability to do business. The most effective risk mitigation requires a solution that combines multiple trusted security technologies working in concert. Private firewall software like the Cisco ASA 5500 Series IPS Edition offers unparalleled protection for an organization's critical information assets, with best-in-class firewall, application security, and intrusion prevention capabilities in a single, easy-to-deploy platform. Combining the strength and stability of the world's most-deployed firewall technology with the advanced inspection capabilities of the most popular IPS technology, the Cisco ASA 5500 Series IPS Edition protects an organization's servers and infrastructure from attack.
Challenge
Information assets and infrastructure form the core of the modern enterprise. Networked enterprises benefit from increased business efficiency and effectiveness, as well as a sustainable competitive advantage. However, this dependence on the network exposes the organization to risk. The growing number of attacks on the network, in concert with the increasing sophistication of these attacks, poses serious risks to the core business.
Web presences and Internet commerce sites are targets for attack
Internet worms can infect servers, disable them, and take down an entire network
Day-zero exploits expose organizations before patches are released and implemented
Difficult-to-control internal environments, such as labs, are ideal locations for worm and virus infestations
Disgruntled employees can launch attacks from inside the Internet edge perimeter
Solution
The Cisco® ASA 5500 Series IPS Edition protects an organization's servers and infrastructure without compromising its ability to use the network as a business tool. With its solid firewall software and advanced application security capabilities, the Cisco ASA 5500 Series IPS Edition provides robust and stable policy enforcement. Market-leading intrusion prevention and antiworm capabilities enable the Cisco ASA 5500 Series IPS Edition to protect assets from sophisticated attacks. Combined with Cisco's management and monitoring application suites, the Cisco ASA 5500 Series IPS Edition provides unparalleled protection of critical assets and infrastructure.
Capabilities of the solution include:
Internet security systems - Cisco ASA 5500
Building on the Cisco PIX Family of internet security systems, the Cisco ASA 5500 Series allows valid business traffic to flow, while keeping out unwelcome visitors. And with its application control capabilities, the solution can control the use of peer-to-peer, instant messaging, and other non-corporate applications. Such applications can lead to security leaks and the introduction of threats to the business's network.
Cisco Security: Threat Protection
The Cisco ASA 5500 Series IPS Edition combines inline intrusion prevention services with innovative technologies that improve accuracy. As a result, Cisco security can stop more threats without the risk of dropping legitimate network traffic. Through a series of innovative yet simple techniques, the Cisco ASA 5500 Series IPS Edition allows organizations to adapt the detection and response technologies to individual environments, providing analysis and mitigation that is specific to your business.
Network Integration: Cisco Networking
Building on Cisco networking expertise, the Cisco ASA 5500 Series IPS Edition provides tight network integration with other network elements, increasing the effectiveness of security technologies.
IP Security - Cisco IPS Edition
Building upon the market-proven VPN capabilities of the Cisco VPN 3000 Series Concentrator, the Cisco ASA 5500 Series IPS Edition provides secure site-to-site and remote-user access to corporate networks and services. This solution offers businesses maximum flexibility for secure connectivity by combining support for Secure Sockets Layer (SSL) and IP Security (IPSec) VPN capabilities into a single, best-in-class solution. Using the services offered by the Cisco ASA 5500 Series IPS Edition, businesses can enforce identity-based security and networking policies, as well as prevent worms and many other forms of attack, while extending their network securely to employees, contractors, and business partners.
Cisco Management: Device Manager
The Cisco management and monitoring suite enables large-scale deployment and operation of the Cisco ASA 5500 Series IPS Edition. Cisco provides a complete solution, covering management, monitoring, and outbreak prevention. Also included with the solution is the Cisco Adaptive Security Device Manager (ASDM), which provides a powerful, yet easy-to-use browser-based management and monitoring interface for individual devices.
Business Benefits
The Cisco ASA 5500 Series IPS Edition provides the security and connectivity that helps your business with:
Business Resiliency: Prevent disruption of business-critical applications and services due to security breaches by implementing the industry's most-deployed enterprise-grade firewall, IPS, application security, and worm protection technology.
Reduce Cleanup Costs: Reduce the costly process of cleaning up after an infection by preventing the infection from occurring.
Operational Consolidation: Reduce costs associated with deployment and ongoing management and monitoring of the security solution by standardizing on a single platform for security services.
Liability Management: Reduce the company's exposure to liability related to compromised data or inadequate corporate controls by implementing comprehensive access control and threat protection services in a single device.
Firewall Software Architecture
The Cisco ASA 5500 IPS Edition is the focal point of a complete solution for critical asset protection. Tight integration with Cisco management, monitoring, and outbreak prevention systems enables organizations to deploy and maintain a security solution that protects critical assets and infrastructure (Figure 1).
Figure 1. Solution Architecture
Private Firewall Primary Components
Cisco ASA 5500 Series IPS Edition provides protective services at locations across the enterprise.
Management
Cisco Security Manager (CS-Manager) provides an enterprise-grade management infrastructure for large-scale deployments of Cisco security technologies.
Monitoring
Cisco Security Monitoring, Analysis, and Response System (CS-MARS) provides real-time monitoring and incident response capabilities, which enable organizations to get the most value from the advanced inspection services of the Cisco ASA 5500 Series IPS Edition.
Outbreak Prevention
The Cisco Incident Control System (ICS) premium service enhances the capabilities of the Cisco ASA 5500 Series IPS Edition by providing near-real-time updates for the most dangerous worms and viruses. Cisco ICS enables organizations to respond in minutes, in a way never before possible, to new threats by using the industry's most rapid outbreak prevention response system.
Complementary Solutions
The Cisco® ASA 5500 Series Adaptive Security Appliance is a modular platform that provides the next generation of security and VPN services for small and medium-sized business and enterprise applications. The comprehensive portfolio of services within the Cisco ASA 5500 Series enables customization for location-specific needs through its four tailored package product editions: the Firewall, IPS, Content Security, and VPN Editions.
These packages enable superior protection by providing the right services for the right location. At the same time, they enable standardization on the Cisco ASA 5500 Series platform to reduce costs in management, training, and sparing. Finally, each Edition simplifies design and deployment by providing pre-packaged location-specific security solutions.
Figure 2. Complementary Solutions