Cisco Cisco ASA 5585-X with No Payload Encryption Data Sheet
Data Sheet
All contents are Copyright © 1992–2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 5
Feature
Description
Flexible
●
Deployment options
◦
Inline
◦
Promiscuous
◦
Hybrid (inline and promiscuous)
◦
Appliance
◦
Integrated with firewall
◦
Integrated with router
◦
Integrated with switch
◦
Virtual sensor VLAN pairs
●
Modular design
◦
Signature updates
◦
Inspection capabilities updates
◦
Management software updates
◦
Performance improvements
●
Cisco IPS Manager Express
●
Cisco Security Management Suite
◦
Cisco Security Manager
◦
Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS)
Intelligent
Cisco IPS Software is the core of Cisco IPS solutions. The software is built on advanced Cisco
security and network expertise to provide intelligent inspection, as well as day-zero and evasion
protection.
Cisco IPS Software inspection technology is engineered to prevent sophisticated malicious activity,
whether it takes the form of worms, targeted espionage, data theft, or denial of service. These
modular inspection capabilities are completely stateful, and can detect and prevent threats to the
entire network stack, from applications to Address Resolution Protocol (ARP). The result is that
Cisco IPS Software is not just a simple pattern-matching technology; it understands your traffic.
Day-zero protection is central to the Cisco IPS Software architecture. Inspection capabilities are
geared towards addressing vulnerabilities, as opposed to the exploits that attack them. This gives
the software an advantage in dealing with undiscovered and undisclosed vulnerabilities, as well as
new exploits for known vulnerabilities: An exploit for a single vulnerability can be written an
unlimited number of ways. Using vulnerability-based signatures coupled with sophisticated
inspection modules for protocol, statistical, and application anomaly detection, Cisco IPS Software
can identify and prevent threats before they are fully understood by the security community, and
recorded in the wild.
Cisco IPS Software also provides unparalleled protection from evasion. Whether they’re hoping to
disrupt your business or steal data, sophisticated attackers commonly use techniques that are
designed to get past IPS technologies, without being detected and stopped. But the intelligent
Cisco IPS Software design provides the industry’s best protection from evasion, through rigorous
decoding modules and in-depth protocol analysis. Cisco IPS Software decodes and analyzes
network data in the same manner as the client or server in the conversation would, so attempts to
obscure attacks or sneak past your security controls are stopped before they reach their targets.
New exploits emerge every day, are easily modified, and change rapidly in the wild. By
understanding the protocols and vulnerabilities that those exploits target, Cisco IPS Software
protects your business from the problems, not the symptoms.