Техническая Спецификация для Cisco ASA5550-SSL5000-K9
Data Sheet
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 5 of 19
Businesses can extend their SSL and IPsec VPN capacity to support a larger number of mobile
workers, remote sites, and business partners. Businesses can scale up to 750 SSL VPN peers on
each Cisco ASA 5520 by installing an SSL VPN upgrade license; 750 IPsec VPN peers are
supported on the base platform. VPN capacity and resiliency can also be increased by taking
advantage of the Cisco ASA 5520's integrated VPN clustering and load-balancing capabilities. The
Cisco ASA 5520 supports up to 10 appliances in a cluster, supporting a maximum of 7500 SSL
VPN peers or 7500 IPsec VPN peers per cluster. The advanced application-layer security and
content security defenses provided by the Cisco ASA 5520 can be extended by deploying the high-
performance intrusion prevention and worm mitigation capabilities of the AIP SSM, or the
comprehensive malware protection of the CSC SSM. Using the optional security context
capabilities of the Cisco ASA 5520 Adaptive Security Appliance, businesses can deploy up to 20
virtual firewalls within an appliance to enable compartmentalized control of security policies on a
departmental level. This virtualization strengthens security and reduces overall management and
support costs while consolidating multiple security devices into a single appliance.
Table 3 lists features of the Cisco ASA 5520.
Table 3.
Cisco ASA 5520 Adaptive Security Appliance Platform Capabilities and Capacities
Feature
Description
Firewall Throughput
Up to 450 Mbps
Maximum Firewall and IPS Throughput
●
Up to 225 Mbps with AIP SSM-10
●
Up to 375 Mbps with AIP SSM-20
●
Up to 450 Mbps with AIP SSM-40
VPN Throughput
Up to 225 Mbps
Concurrent Sessions
280,000
IPsec VPN Peers
750
SSL VPN Peer License Levels*
10, 25, 50, 100, 250, 500, or 750
Security Contexts*
Up to 20
Interfaces
4 Gigabit Ethernet ports and 1 Fast Ethernet port
Virtual Interfaces (VLANs)
150
Scalability
VPN clustering and load balancing
High Availability
Active/Active, Active/Standby
*Separately licensed feature; includes two with base system
Cisco ASA 5540 Adaptive Security Appliance
The Cisco ASA 5540 Adaptive Security Appliance delivers high-performance, high-density security
services with Active/Active high availability and Gigabit Ethernet connectivity for medium-sized and
large enterprise and service-provider networks, in a reliable, modular appliance. With four Gigabit
Ethernet interfaces and support for up to 100 VLANs, businesses can use the Cisco ASA 5540 to
segment their network into numerous zones for improved security. The Cisco ASA 5540 Adaptive
Security Appliance scales with businesses as their network security requirements grow, delivering
exceptional investment protection and services scalability. The advanced network and application-
layer security services and content security defenses provided by the Cisco ASA 5540 Adaptive
Security Appliance can be extended by deploying the AIP SSM for high-performance intrusion
prevention and worm mitigation.
Businesses can scale their SSL and IPsec VPN capacity to support a larger number of mobile
workers, remote sites, and business partners. Businesses can scale up to 2500 SSL VPN peers