Справочник Пользователя для Cisco ASA 5545-X ASA5545VPN-PM25HK9
Модели
ASA5545VPN-PM25HK9
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks.
Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
At-A-Glance
Cisco AnyConnect Premium licensing is based on the number of simultaneous users,
and is available as a single device or shared license. This license can be enabled on
any Cisco ASA appliance model and provides flexibility to enable granular access based
on various policies. Cisco AnyConnect Premium licensing is also a requirement for
supporting the next-generation encryption, Suite B.
and is available as a single device or shared license. This license can be enabled on
any Cisco ASA appliance model and provides flexibility to enable granular access based
on various policies. Cisco AnyConnect Premium licensing is also a requirement for
supporting the next-generation encryption, Suite B.
Cisco AnyConnect Advanced Endpoint Assessment license is required to enable
remediation capabilities. This is an add-on license to the Premium license.
remediation capabilities. This is an add-on license to the Premium license.
Cisco AnyConnect Shared licenses, which are Premium licenses that are shared
across multiple Cisco ASA appliances, are another option for organizations looking to
optimize their use of licenses. Use of Shared licenses does not allow per ASA Premium
or Essentials licenses.
across multiple Cisco ASA appliances, are another option for organizations looking to
optimize their use of licenses. Use of Shared licenses does not allow per ASA Premium
or Essentials licenses.
Cisco AnyConnect Flex licenses enable an organization to temporarily support a higher
number of users to meet the increased user demand during a disaster or other large
scale event. This 56-day license is consumed on a per-day basis.
number of users to meet the increased user demand during a disaster or other large
scale event. This 56-day license is consumed on a per-day basis.
Figure 2. Cisco AnyConnect Secure Mobility Licensing on Cisco ASA Appliances
ADVANCED
ENDPOINT
ASSESSMENT
License
ESSENTIALS License
at minimum cost
MOBILE
License
at minimum
cost
Basic
Remote Access
Connectivity
Good for short-term periods of high demand.
(emergencies and special events)
FLEX License
PREMIUM License
MOBILE
License
at minimum
cost
Posture Assessment
and Clientless
Premium Licenses
Shared by
Multiple ASA Appliances
OR
SHARED License
Cisco ASA 5500 Series Models
The Cisco ASA 5500 Series delivers site-specific scalability, from the smallest business and home office deployments to the largest enterprise networks. The Cisco ASA 5500
Series comes in 10 different models. Each model is built with concurrent services scalability, investment protection, and future technology extensibility as its foundation.
Series comes in 10 different models. Each model is built with concurrent services scalability, investment protection, and future technology extensibility as its foundation.
Table 1 provides performance information for the Cisco ASA 5500 and 5500-X Series. Table 2 provides specifications for the different models.
Platform
ASA
5505
ASA
5512-X
ASA
5515-X
ASA
5525-X
ASA
5545-X
ASA
5555-X
ASA
5585-S10
ASA
5585-S20
ASA
5585-S40
ASA
5585-S60
Maximum 3DES/AES VPN Throughput
2
100 Mbps
200 Mbps
250 Mbps
300 Mbps
400 Mbps
700 Mbps
1 Gbps
2 Gbps
3 Gbps
5 Gbps
Maximum Site-to-Site and IPsec IKEv1 Client
VPN User Sessions
2
25
250
250
750
2500
5000
5000
10,000
10,000
10,000
Maximum Cisco AnyConnect or Clientless
VPN User Sessions
25
250
250
750
2500
5000
5000
10,000
10,000
10,000
Bundled Premium User Sessions
2
Stateful Failover
No
Yes
VPN Load Balancing
No
Yes
Shared VPN License Option
No
Yes
Table 1. Performance Details for Cisco ASA 5500 and 5500-X Series Appliances
2
The total concurrent IPsec and SSL (clientless and tunnel-based) VPN sessions may not exceed the maximum concurrent IPsec session count shown in the chart. The SSL VPN session number (clientless or Cisco AnyConnect client) may also not exceed the number of
licensed sessions on the device. The Cisco ASA 5585 supports a greater number of simultaneous users than the Cisco ASA 5555 at comparable overall SSL VPN throughput to the ASA 5555. VPN throughput and session count depend on the ASA device configuration
and VPN traffic patterns. These elements should be taken in to consideration as part of your capacity planning.