Cisco Cisco ASA for Nexus 1000V Series Switch Datenbogen
Product Bulletin
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
Cisco Adaptive Security Appliance 9.2.1 Software
Release
Release
PB731880
The Cisco
®
ASA Adaptive Security Appliance 9.2.1 software release offers significant
new routing, clustering, and VPN features. The release is supported on the Cisco ASA
Services Module (ASA-SM) as well as the ASA 5505, ASA 5512-X, ASA 5515-X, ASA
5525-X, ASA 5545-X, ASA 5555-X, and ASA 5585-X appliances and processors and
the ASAv, the new virtual appliance form factor.
Services Module (ASA-SM) as well as the ASA 5505, ASA 5512-X, ASA 5515-X, ASA
5525-X, ASA 5545-X, ASA 5555-X, and ASA 5585-X appliances and processors and
the ASAv, the new virtual appliance form factor.
New Features
●
ASAv platform: ASA software 9.2.1 adds support for the new Cisco Adaptive Security Virtual Appliance.
The firewall software that previously ran on physical appliances now also runs as a virtual appliance. ASAv
is available in two throughput-based versions: 1 Gbps and 2 Gbps. Each version can be purchased with
either a bundle of firewall features or a bundle of firewall features and Cisco AnyConnect
®
premium
features.
●
BGPv4: ASA 9.2.1 adds support for the Border Gateway Protocol used for interdomain routing. With the
help of BGP, customers can peer ASA firewalls wit
h a service provider’s routers, thus optimizing equipment
costs. Customers can also take advantage of the rich controls provided by BGP to control route
advertisements. ASA software already supports dynamic unicast routing through Open Shortest Path First
(OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), and Routing Information Protocol (RIP).
●
Clustering enhancements: ASA 9.2.1 adds support for up to 16 members in a cluster and up to 32 active
EtherChannel member ports. This expands the available firewalling capacity in a cluster by twofold over
previous releases (to a maximum of 640 Gbps). In addition, it supports intersite clustering in a spanned
EtherChannel mode. Finally, ASA 9.2.1 validates Cisco Nexus
®
9300 interoperability with ASA clustering.
●
Remote access VPN enhancements
◦
Change of authorization (CoA): The Cisco Identify Services Engine (ISE) Change of Authorization
(CoA) feature provides a mechanism to change the attributes of an authentication, authorization, and
accounting (AAA) session after it is established. When a policy changes for a user or user group in AAA,
CoA packets can be sent directly to the ASA from ISE to reinitialize authentication and apply the new
policy. An Inline Posture Enforcement Point (IPEP) is no longer required to apply access control lists
(ACLs) for each VPN session established with the ASA.
◦
Clientless VPN:
ASA’s clientless VPN functionality now supports compressed content. Compressed
content sent by a server is available to requesting clients through URLs that are massaged by ASA to
function correctly.