Meet the industry’s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco® ASA with FirePOWER Services delivers integrated threat defense for the entire attack continuum - before, during, and after an attack. How? By combining the proven security capabilities of the Cisco ASA firewall with the industry-leading Sourcefire® threat and Advanced Malware Protection (AMP) features together in a single device. The solution uniquely extends the capabilities of the Cisco ASA 5500-X Series Next-Generation Firewalls beyond what today’s NGFW solutions are capable of. Whether you need protection for a small or midsized business, a distributed enterprise, or a single data center, Cisco ASA with FirePOWER Services provides the needed scale and context in a NGFW solution.
Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA is the world’s most widely deployed, enterprise-class stateful firewall. Cisco ASA with FirePOWER Services features these comprehensive capabilities:
Cisco ASA with FirePOWER Services is centrally managed by the Cisco Firepower Management Center (formerly known as Cisco FireSIGHT Management Center), which provides security teams with comprehensive visibility into and control over activity within the network. Such visibility includes users, devices, communication between virtual machines, vulnerabilities, threats, client-side applications, files, and web sites. Holistic, actionable indications of compromise (IoCs) correlate detailed network and endpoint event information and provide further visibility into malware infections. Cisco’s enterprise-class management tools help administrators reduce complexity with unmatched visibility and control across NGFW deployments. Cisco Firepower Management Center also provides content awareness with malware file trajectory that aids infection scoping and root cause determination to speed time to remediation.
Cisco Security Manager provides scalable and centralized network operations workflow management. It integrates a powerful suite of capabilities; including policy and object management, event management, reporting, and troubleshooting for Cisco ASA firewall functions when utilizing Cisco Firepower Management Center.
For local, on-device management including deployments for small and midsized businesses, Cisco Adaptive Security Device Manager (ASDM) 7.3.x provides, access control and advanced threat defense management. ASDM V 7.3.x provides an enhanced user interface that provides quick views on trends and the ability to drill down for further analysis.
Cisco ASA with FirePOWER Services incorporates an integrated approach to threat defense, reducing capital and operating costs and administrative complexity. It smoothly integrates with the existing IT environment, work stream, and network fabric. The appliance family is highly scalable, performs at up to multigigabit speeds, and provides consistent and robust security across branch, Internet edge, and data centers in both physical and virtual environments.
With Cisco Firepower Management Center, administrators can streamline operations to correlate threats, assess their impact, automatically tune security policy, and easily attribute user identities to security events. Cisco Firepower Management Center continually monitors how the network is changing over time. New threats are automatically assessed to determine which ones can affect your business. Responses are then focused on remediation and network defenses are adapted to changing threat conditions. Critical security activities such as policy tuning are automated, saving time and effort, while protections and countermeasures are maintained in an optimal state.
Cisco Firepower Management Center integrates easily with third-party security solutions through the eStreamer API to streamline operation workflows and fit existing network fabrics.
Cisco ASA with FirePOWER Services include Cisco ASA firewalling, AVC, URL filtering, NGIPS, and AMP. This unique set of capabilities is available on the Cisco ASA 5500-X Series NGFW platforms: Cisco ASA 5506-X, 5506W-X, 5506H-X, 5508-X, 5516-X, 5512-X, 5515-X, 5525-X, 5545-X, 5555-X.
Cisco ASA with FirePOWER Services software is supported on the Cisco ASA 5500-X Series of next-generation midrange security appliances running Cisco ASA Software Release 9.2.2 and later. Cisco Firepower Management Center and Cisco Security Manager are required to manage Cisco ASA with FirePOWER Services ASA 5512-X, 5515-X, 5525-X, 5545-X, 5555-X. ASDM V 7.3.x is available on-device to manage single instance deployments of Cisco ASA 5506-X, 5506W-X, 5506H-X, 5508-X, and 5516-X with FirePOWER Services.
Cisco ASA 5500-X Series 6-port Gigabit Ethernet Interface Cards extend the I/O profile of the Cisco ASA 5500-X Series appliances* by providing additional GE ports. The cards provide the following benefits:
Note: Not available on ASA 5508-X or ASA 5516-X