Cisco Cisco ASA 5555-X Adaptive Security Appliance 發佈版本通知

 lists the new features for ASA Version 8.4(1)/ASDM Version 6.4(1).

PAT pool and round robin 
address assignment

You can now specify a pool of PAT addresses instead of a single address. You can also 
optionally enable round-robin assignment of PAT addresses instead of first using all ports on a 
PAT address before using the next address in the pool. These features help prevent a large 
number of connections from a single PAT address from appearing to be part of a DoS attack 
and makes configuration of large numbers of PAT addresses easy.

Currently in 8.4(1.11), the PAT pool feature is not available as a fallback method for 
dynamic NAT or PAT. You can only configure the PAT pool as the primary method for 
dynamic PAT (CSCtq20634).

We modified the following screens:

Configuration > Firewall > NAT Rules > Add/Edit Network Object
Configuration > Firewall > NAT Rules > Add/Edit NAT Rule

Support for the ASA 5585-X We introduced support for the ASA 5585-X with Security Services Processor (SSP)-10, -20, 

-40, and -60.

Support was previously added in 8.2(3) and 8.2(4); the ASA 5585-X is not supported 
in 8.3(x).

No Payload Encryption 
hardware for export

You can purchase the ASA 5585-X with No Payload Encryption. For export to some countries, 
payload encryption cannot be enabled on the Cisco ASA 5500 series. The ASA software senses 
a No Payload Encryption model, and disables the following features:

Unified Communications

VPN

You can still install the Strong Encryption (3DES/AES) license for use with management 
connections. For example, you can use ASDM HTTPS/SSL, SSHv2, Telnet and SNMPv3. You 
can also download the dynamic database for the Botnet Traffic Filer (which uses SSL).

L2TP/IPsec Support on 
Android Platforms

We now support VPN connections between Android mobile devices and ASA 5500 series 
devices, when using the L2TP/IPsec protocol and the native Android VPN client. Mobile 
devices must be using the Android 2.1, or later, operating system.