Manualsbrain.com
  1. 매뉴얼
  2. 브랜드
  3. Cisco
  4. Cisco ASA 5585-X Adaptive Security Appliance
  5. 정보 가이드

Cisco Cisco ASA 5585-X Adaptive Security Appliance 정보 가이드

다운로드
페이지 25
 
 
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. 
Page 3 of 25 
Q.  Where can I find guidelines on migrating from the Cisco Catalyst® 6500 Series Firewall Services Module 
(FWSM) to ASA 5585-X appliances?  
A.  This migration requires a redesign of the network infrastructure. The typical approach is to use the FWSM-to-
ASASM migration tool to first sanitize the configuration. Please see the information at: 
. 
After that, you can manually replace the VLAN names with physical interfaces and run the configuration 
through the cloud migration tool for ASA, which can be found at: 
. 
You can even skip the first step and use the cloud migration tool directly, but make sure that the source 
interface names are aligned to match those of an ASA-5550 appliance. Then you have to edit the converted 
configuration to match that of an ASA 5585-X. 
Cisco ASAv Software 
Q.  What is the Cisco ASAv?  
A.  The Cisco Adaptive Security Virtual Appliance (ASAv) is a completely reimagined virtual security solution that 
supports both a fabric-based deployment with the 
and a 
traditional tiered deployment. The ASAv supports consistent, transparent security across physical, virtual, 
application-centric, and cloud environments. 
Q.  Does ASAv support full feature parity with physical ASA? 
A.  Yes, ASAv is in full sync with physical appliance features, with the exception of multiple contexts, clustering, 
and EtherChannel. 
Q.  Does ASAv support Cisco TrustSec
®
 technology: specifically, security group access control lists? 
A.  Yes, ASAv supports Cisco TrustSec technology and SG-ACLs. The policy rule is integrated into ASA policy 
and its stateful firewalling. 
Q.  Considering an ASAv with 1- Gbps, 1-vCPU license, what happens if the traffic passes 1 Gbps?  
A.  With the Controlled Introduction (9.2.1) ASAv release, 1 Gbps is the maximum performance that a customer 
can expect from one vCPU. The ASAv software does not do anything special to drop traffic that exceeds the 
threshold. If the vCPU is running close to close to capacity, incremental traffic will see a drop in speed. 
In future software releases a "shaper" in the software will limit traffic to the throughput specification of the 
product that was purchased. Also keep in mind the underlying virtual switch capacity. 
Q.  What hypervisors does ASAv support? 
A.  Following is the list of hypervisors and tentative timelines for support: 
 
VMware: ASAv is currently supported only on VMware as of ASA 9.2(1) software. Note that ASAv is 
independent of the virtual switch and does not require Cisco Nexus 1000V.  
 
KVM: ASAv on KVM will be supported soon. 
 
Microsoft Hyper-V and Citrix Xen: Support for on Hyper-V and Xen is being planned. 
Q.  What are the system requirements to run ASAv? 
A.  For a controlled introduction, ASAv requires VMware ESXi 5.x. See the VMware documentation 
at: 
.