Why do I need a firewall?

As an organization's dependency on computers and network communications increases, so does its vulnerability to information security compromises. Almost every week the media reports on new computer crimes, system break-ins, malicious code attacks, and the ever-growing threat of cyber terrorism. Current research on network security shows three realities that organizations must consider:

  • Threats to computer systems and networks are increasing
  • Damage caused by malicious attacks is rising
  • Systems without appropriate security are easy hits for hackers

Many types of information must be protected by law. In the United States, the Gramm-Leach-Bliley Act requires companies to notify consumers of their privacy policies and to provide opt-out provisions for consumers who do not want their personal information distributed beyond the company. In addition, the Gramm-Leach-Bliley Act protects nonpublic financial data. Data stored on computers that has even a remote possibility of containing information such as social security numbers, credit card and financial account numbers, account balances, and investment portfolio information must be protected.

The use and disclosure of patient medical information originally was protected by a patchwork of U.S. state laws, leaving gaps in the protection of patients' privacy and confidentiality. The United States Congress also recognized the need for national patient record privacy standards in 1996 when it enacted the Health Insurance Portability and Accountability Act of 1996 (HIPAA), protecting all medical records and other individually identifiable health information used or disclosed by a covered entity in any form, whether electronically, on paper, or orally.

In addition to the legal ramifications of a security breach, independent research firm, Computer Economics has substantiated that malicious attacks result in actual financial costs, decreases in revenue, and an incredible impact on productivity. The SAFE Blueprint from Cisco Systems is an architecture that can help organizations to reduce incidents of security breach and to meet the requirements of new laws and regulations around the world.

Security is becoming far more complex everyday and SAFE serves as a guide to network designers considering the security requirements of their network. SAFE takes a defense-in-depth approach to network security design resulting in a layered approach to security where the failure of one security system is not likely to lead to the compromise of network resources.

Cisco ASA 5500 Series Adapative Security Appliances

Cisco® ASA 5500 Series adaptive security appliances are purpose-built solutions that combine best-in-class security and VPN services with an innovative, extensible services architecture. Designed as a core component of the Cisco Self-Defending Network, the Cisco ASA 5500 Series provides proactive threat defense that stops attacks before they spread through the network, controls network activity and application traffic, and delivers flexible VPN connectivity. The result is a powerful multifunction network security appliance family that provides the security breadth and depth for protecting home office, branch office, small and medium-sized business, and enterprise networks while reducing the overall deployment and operations costs and complexities associated with providing this new level of security.

The Cisco ASA 5500 Series delivers a powerful combination of multiple market-proven technologies in a single platform, making it operationally and economically feasible for organizations to deploy comprehensive security services to more locations. The comprehensive portfolio of services within the Cisco ASA 5500 Series enables customization for location-specific needs through tailored product editions for small to medium-sized businesses and for enterprises. These editions enable superior protection by providing the right services for the right location. Each edition combines a focused set of Cisco ASA 5500 Series services (such as firewall, SSL and IPsec VPN, IPS, and anti-X services) to meet the needs of specific environments within the enterprise network. By ensuring the security needs of each location are met, the overall network security posture is raised.

Figure 1. Cisco ASA 5500 Series Adaptive Security Appliances

The Cisco ASA 5500 Series helps businesses more effectively and efficiently protect their networks while delivering exceptional investment protection through the following key elements:

• Market-proven security and VPN capabilities-Full-featured, high-performance firewall, intrusion prevention (IPS), anti-X, and Secure Sockets Layer/IP Security (SSL/IPsec) VPN technologies deliver robust application security, user- and application-based access control, worm and virus mitigation, malware protection, content filtering, and remote user/site connectivity.

• Extensible services architecture- Taking advantage of a modular services processing and policy framework offered by the Cisco ASA 5500 Series, businesses can apply specific security and network services on a per-traffic-flow basis, delivering highly granular policy controls and a wide range of protective services with streamlined traffic processing. The efficiencies of this policy framework, as well as software and hardware extensibility through user-installable security services modules (SSMs) and security services cards (SSCs), advance the evolution of existing services and the deployment of new services without requiring a platform replacement or performance compromise. With these capabilites, the Cisco ASA 5500 Series provides the foundation for highly customizable security policies and unprecedented services extensibility to help protect against the fast-evolving threat environment.

• Reduced deployment and operations costs-The multifunction Cisco ASA 5500 Series allows for platform, configuration, and management standardization, helping to decrease the costs of deployment and ongoing operations.

INTRODUCING THE CISCO ASA 5500 SERIES

The Cisco ASA 5500 Series includes the Cisco ASA 5505, 5510, 5520, 5540, and 5550 adaptive security appliances-purpose-built, high-performance security solutions that take advantage of Cisco expertise in developing industry-leading, award-winning security and VPN solutions. The series integrates the latest technologies from Cisco PIX® 500 Series security appliances, Cisco IPS 4200 Series sensors, and Cisco VPN 3000 Series concentrators. Designed as a key component of the Cisco Self-Defending Network, the Cisco ASA 5500 Series provides proactive threat defense that stops attacks before they spread through the network, controls network activity and application traffic, and delivers flexible VPN connectivity. The result is a powerful multifunction network security appliance family that provides the security breadth and depth for protecting small and medium-sized business (SMB), enterprise, and service provider networks while reducing the overall deployment and operations costs and complexities associated with providing this new level of security.
The extensible Cisco AIM services architecture and the flexible multiprocessor design of the Cisco ASA 5500 Series enable the adaptive security appliances to provide unprecedented performance for multiple concurrent security services while delivering exceptional investment protection. The Cisco ASA 5500 Series appliances combines multiple high-performance processors that work in concert to deliver advanced firewall services, IPS services, anti-X/content security services, IPsec and SSL VPN services, and more. Businesses can add other high-performance security services by installing Cisco ASA 5500 Series security services modules-such as the Advanced Inspection and Prevention Security Services Module (AIP SSM) for intrusion prevention services or the Cisco ASA 5500 Series Content Security and Control Security Services Module (CSC SSM) for advanced anti-X services. This flexible design makes the Cisco ASA 5500 Series uniquely capable of adapting to new threats, protecting against the fast-evolving threat environment, and providing exceptional investment protection through its use of programmable hardware to "future-proof" the platform for years to come. The combination of these high-performance, market-proven security and VPN capabilities, along with integrated Gigabit Ethernet connectivity and a diskless, flash-based architecture, make the Cisco ASA 5500 Series an ideal choice for businesses requiring a best-in-class security solution with high performance, flexibility, reliability, and investment protection.
All Cisco ASA 5500 Series appliances include maximum IPsec VPN users on the base system; SSL VPN is licensed and purchased separately. By converging SSL and IPsec VPN services with comprehensive threat defense technologies, the Cisco ASA 5500 Series provides highly customizable network access tailored to meet the requirements of diverse deployment environments while providing advanced endpoint and network-level security.

CISCO ASA 5505 ADAPTIVE SECURITY APPLIANCE

The Cisco ASA 5505 Adaptive Security Appliance is a next-generation, full-featured security appliance for small business, branch office, and enterprise teleworker environments that delivers high-performance firewall, SSL and IPsec VPN, and rich networking services in a modular, "plug-and-play" appliance. Using the integrated Web-based Cisco Adaptive Security Device Manager, the Cisco ASA 5505 can be rapidly deployed and easily managed, enabling businesses to minimize operations costs. The Cisco ASA 5505 features a flexible 8-port 10/100 Fast Ethernet switch, whose ports can be dynamically grouped to create up to three separate VLANs for home, business, and Internet traffic for improved network segmentation and security. The Cisco ASA 5505 provides two Power over Ethernet (PoE) ports, enabling simplified deployment of Cisco IP phones with zero-touch secure voice over IP (VoIP) capabilities, and deployment of external wireless access points for extended network mobility. The Cisco ASA 5505 also provides significant expandability and investment protection through its modular design, similar to the rest of the Cisco ASA 5500 Series, offering both an external expansion slot and multiple USB ports that enable the addition of services in the future.
As business needs grow, customers can install a Security Plus upgrade license, enabling the Cisco ASA 5505 Adaptive Security Appliance to scale to support a higher connection capacity and a higher number of IPsec VPN users, add full DMZ support, and integrate into switched network environments through VLAN trunking support. Furthermore, this upgrade license maximizes business continuity by enabling support for redundant ISP connections and stateless Active/Standby high-availability services. This combination of market-leading security and VPN services, advanced networking features, flexible remote management capabilities, and future extensibility makes the Cisco ASA 5505 an excellent choice for businesses requiring a best-in-class small business, branch office, or enterprise teleworker security solution.

SERVICE AND SUPPORT

Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, visit Cisco Technical Support Services or Cisco Advanced Services. For services specific to IPS features delivered using the AIP SSM, visit Cisco Services for IPS.

FOR MORE INFORMATION

For more information, please visit the following links:

• Cisco ASA 5500 Series Adaptive Security Appliance: http://www.cisco.com/go/asa

• Cisco Adaptive Security Device Manager: http://www.cisco.com/go/asdm

For more information on these products;

Email:  mailto:info@ccs-nc.com

For issues needing our engineer or technical support;

Email:   mailto:support@ccs-nc.com

Telephone: (910) 794-8580

Fax: (910) 799-8237

 

Information Request Form

Select the items that apply, and then let us know how to contact you.

Send service literature
Send company literature
Have a salesperson contact me

Name
Title
Company
Address
E-mail
Phone