Cisco Cisco ASA 5550 Adaptive Security Appliance Notas de publicación
5
Cisco ASA 5500 Series Release Notes Version 8.0(5)
OL-11904-04
New Features
New Features
Released: November 3, 2009
Hi
Table 3
lists the new features for ASA Version 8.0(5)/ASDM Version 6.2(3).
Note
Version 8.0(5) is not supported on the PIX security appliance.
VPN
For the latest OS and browser test results, see the Supported VPN Platforms,
Cisco ASA 5500 Series, Versions 8.0(2) to 8.1(1):
Cisco ASA 5500 Series, Versions 8.0(2) to 8.1(1):
SSM applications
For information about SSM application requirements, see Cisco ASA 5500
Series and PIX 500 Series Security Appliance Hardware and Software
Compatibility:
Series and PIX 500 Series Security Appliance Hardware and Software
Compatibility:
Table 2
ASDM, SSM, SSC, and VPN Compatibility
Application
Description
Table 3
New Features for ASA Version 8.0(5)/ASDM Version 6.2(3)
Feature
Description
Remote Access Features
Scalable Solutions for
Waiting-to-Resume
VPN Sessions
Waiting-to-Resume
VPN Sessions
An administrator can now keep track of the number of users in the active state and can look at the
statistics. The sessions that have been inactive for the longest time are marked as idle (and are
automatically logged off) so that license capacity is not reached and new users can log in
statistics. The sessions that have been inactive for the longest time are marked as idle (and are
automatically logged off) so that license capacity is not reached and new users can log in
The following ASDM screen was modified: Monitoring > VPN > VPN Statistics > Sessions.
Also available in Version 8.2(2).
Application Inspection Features
Enabling Call Set up
Between H.323
Endpoints
Between H.323
Endpoints
You can enable call setup between H.323 endpoints when the Gatekeeper is inside the network. The
adaptive security appliance includes options to open pinholes for calls based on the
RegistrationRequest/RegistrationConfirm (RRQ/RCF) messages.
adaptive security appliance includes options to open pinholes for calls based on the
RegistrationRequest/RegistrationConfirm (RRQ/RCF) messages.
Because these RRQ/RCF messages are sent to and from the Gatekeeper, the calling endpoint's IP
address is unknown and the security appliance opens a pinhole through source IP address/port 0/0.
By default, this option is disabled.
address is unknown and the security appliance opens a pinhole through source IP address/port 0/0.
By default, this option is disabled.
The following ASDM screen was modified: Configuration > Firewall > Objects > Inspect Maps >
H.323 > Details > State Checking.
H.323 > Details > State Checking.
Also available in Version 8.2(2).
Interface Features