One Cisco Appliance to Handle All
Executives at Cisco Systems took the wraps off a new security appliance designed to unify several security functions under one roof Tuesday.
Announced at the Networld + Interop show today in Las Vegas, the Adaptive Security Appliance (ASA) 5500 series of appliances is a component of Cisco's Adaptive Threat Defense (ATD) portfolio within its self-defending network initiative, officials said.
The goal of the ATD, officials say, is to provide security services that stop a network attack before it can start.
"Security has to be able to be adaptive, not just for identifying the signatures that already existed from known spam or known spyware, et cetera," said John Chambers, Cisco president and CEO, in a keynote speech at the show Tuesday.
"[It's] the ability to watch the pattern of a packet across the entire network from the time it leaves the device and to be able to have the virtualization of firewalls and VPNs [virtual private networks] throughout, and to be able to collect the data and audit it to see if your procedures, which is where you're going to get into trouble a year from now, are up to speed versus what you think."
According to the company, the ASA 5500 family incorporates security functionality already found in its PIX Security Appliance, IPS 4200 series and VPN 3000 product lines.
The company added to the new appliance VPN services that support remote-access IPsec (define) protocols and Secure Sockets Layer (SSL), as well as quality-of-service enabled site-to-site IPsec services.
Besides security management, the ASA 5500 series is also intended to address policy management rules for Web site visits. Also added to the mix is routing, IPv6 and multicast support.
Officials say the "single device, many services" approach reduces the number of platforms that must be deployed and managed, while saving customers money in rack space, training, troubleshooting and maintenance.
"The traditional deployment of security services results in product 'silos' and forces organizations to trade-off between operational efficiency and holistic security," Joel Conover, a principal analyst at research firm Current Analysis, said in a statement
Conover also said the ASA 5500 series solves the problem of multi-platform security management and makes it more economically feasible to deliver comprehensive security services to more network locations in the enterprise.
Many of the security and management services found in the appliance are controlled through an Adaptive Security Device Manager. The Web-based manager lets IT personnel configure all security and VPN device services, though the device status, monitoring and reporting feature is recommended for up to 10 devices.
The ASA 5510, geared toward the smaller business network with up to 300 Mbps of concurrent traffic, starts at $3,495. With up to 450 Mbps concurrent performance, the ASA 5520 is geared toward the mid-range business and starts at $7,995. The ASA 5540 is tailored to the large corporate networks, with up to 650 Mbps concurrent performance, and starts at $16,995.
The three products are expected this month.
Cisco officials also announced security services that expand past the ASA 5500 series and into the entire security appliance and security line.
The Cisco Incident Readiness and Response Services evaluates a company's current threat preparedness and comes up with processes to minimize that threat. And MySDN is a Web service that notifies customers of the latest threats, mitigation strategies and vulnerabilities. The two services are part of Cisco's lifecycle security services.