ASA as a UTM: Anti Virus, Worms and Spyware ?

mcroft · ‎01-02-2009

Hi,

I am looking into a 'Secure VPN' solution for Remote Access, only a small solution 10-20 users.

I have two main objectives :

To use SSL Technology, to ensure data confidentiality and more importantly, a solution to ensure VPN traffic is clean and scrubbed of any Malware. (it's imperative worms/viruses/malware are not spread into our datacentre from remote users). The solution must be provided on a cost affective budget.

Question: Will a ASA55XX armed with a IPS module (SSM-AIP) be sufficient for a "ANTI-X" UTM device ?

As I understand, the IPS module will protect against Worms, but not Anti-Virus and Spyware ?

Any Help would be really appreciated.

Thanks

Matt

JORGE RODRIGUEZ · ‎01-02-2009

Matt,

You are probably looking at a CSC-SSM solution for content secirity which is porbably more afordable for the size of users than a NAC solution or IPS solution for remote access, thats my opinion.

Content Secuirty CSC-SSM, have a look at CSC module and what it can provide in terms of content security and anti-virus

http://www.cisco.com/en/US/products/ps6823/index.html

Also Network Admission control is another solution but I believe is for a much larger infrastructure

http://www.cisco.com/en/US/products/ps6128/index.html#

You could implement SSL technology for example using annyconnect client in FULL tunnel mode and have complete control of VPN traffic in conjunction with CSC-SSM module.

Regards

Jorge Rodriguez

mcroft · ‎01-14-2009

Thank you for the response.

My only concearn is that the CSC-SSM does not catch worms, I would needs the IPS module to protect my servers from worms......

and the ASA5510 only allows one module, so its either the AIM-IP "or" the SSM.

uhmmm