Cisco Cisco ASA 5555-X Adaptive Security Appliance 發佈版本通知
32
Release Notes for Cisco ASDM, Version 6.4(x)
New Features
Increased connections for
the ASA 5580 and 5585-X
the ASA 5580 and 5585-X
We increased the firewall connection limits:
•
ASA 5580-20—1,000,000 to 2,000,000.
•
ASA 5580-40—2,000,000 to 4,000,000.
•
ASA 5585-X with SSP-10: 750,000 to 1,000,000.
•
ASA 5585-X with SSP-20: 1,000,000 to 2,000,000.
•
ASA 5585-X with SSP-40: 2,000,000 to 4,000,000.
•
ASA 5585-X with SSP-60: 2,000,000 to 10,000,000.
Increased AnyConnect VPN
sessions for the ASA 5580
sessions for the ASA 5580
The AnyConnect VPN session limit was increased from 5,000 to 10,000.
Increased Other VPN
sessions for the ASA 5580
sessions for the ASA 5580
The other VPN session limit was increased from 5,000 to 10,000.
High Availability Features
Stateful Failover with
Dynamic Routing Protocols
Dynamic Routing Protocols
Routes that are learned through dynamic routing protocols (such as OSPF and EIGRP) on the
active unit are now maintained in a Routing Information Base (RIB) table on the standby unit.
Upon a failover event, traffic on the secondary active unit now passes with minimal disruption
because routes are known. Routes are synchronized only for link-up or link-down events on an
active unit. If the link goes up or down on the standby unit, dynamic routes sent from the active
unit may be lost. This is normal, expected behavior.
active unit are now maintained in a Routing Information Base (RIB) table on the standby unit.
Upon a failover event, traffic on the secondary active unit now passes with minimal disruption
because routes are known. Routes are synchronized only for link-up or link-down events on an
active unit. If the link goes up or down on the standby unit, dynamic routes sent from the active
unit may be lost. This is normal, expected behavior.
We did not modify any screens.
Unified Communication Features
Phone Proxy addition to
Unified Communication
Wizard
Unified Communication
Wizard
The Unified Communications wizard guides you through the complete configuration and
automatically configures required aspects for the Phone Proxy. The wizard automatically
creates the necessary TLS proxy, then guides you through creating the Phone Proxy instance,
importing and installing the required certificates, and finally enables the SIP and SCCP
inspection for the Phone Proxy traffic automatically.
automatically configures required aspects for the Phone Proxy. The wizard automatically
creates the necessary TLS proxy, then guides you through creating the Phone Proxy instance,
importing and installing the required certificates, and finally enables the SIP and SCCP
inspection for the Phone Proxy traffic automatically.
We modified the following screens:
Wizards > Unified Communications Wizard.
Configuration > Firewall > Unified Communications.
Wizards > Unified Communications Wizard.
Configuration > Firewall > Unified Communications.
UC Protocol Inspection
Enhancements
Enhancements
SIP Inspection and SCCP Inspection are enhanced to support new features in the Unified
Communications Solutions; such as, SCCP v2.0 support, support for GETPORT messages in
SCCP Inspection, SDP field support in INVITE messages with SIP Inspection, and QSIG
tunneling over SIP. Additionally, the Cisco Intercompany Media Engine supports Cisco RT
Lite phones and third-party video endpoints (such as, Tandberg).
Communications Solutions; such as, SCCP v2.0 support, support for GETPORT messages in
SCCP Inspection, SDP field support in INVITE messages with SIP Inspection, and QSIG
tunneling over SIP. Additionally, the Cisco Intercompany Media Engine supports Cisco RT
Lite phones and third-party video endpoints (such as, Tandberg).
We did not modify any screens.
Inspection Features
DCERPC Enhancement
DCERPC Inspection was enhanced to support inspection of RemoteCreateInstance RPC
messages.
messages.
We did not modify any screens.
Troubleshooting and Monitoring Features
Table 12
New Features for ASA Version 8.4(1)/ASDM Version 6.4(1) (continued)
Feature
Description