Re: ASA and firewall

aksher · ‎10-09-2006

what are the typical featured whcih an ASA offers ut not firewall.i believe webVPN and AIP-SSM

a.kiprawih · ‎10-09-2006

Generally, these are some of the differences:

a. ASA, with 4 options: Firewall Edition, IPS Edition, Anti-X Edition, VPN Edition

Main Differences:

* VPN: SSL VPN (webVPN)

* All access ports are GE (UTP-copper)

* AIP-SSM: full-featured intrusion prevention services to stop malicious traffic, including worms and network viruses

* CSC-SSM (anti-X): antivirus, anti-spyware, file blocking, anti-spam, anti-phishing, URL blocking and filtering, content filtering

* Failover - no dedicated unit just to function as failover only. All boxes came with same license/failover feature

b. PIX

Main Differences:

* IDS only (basic)

* Default all 10/100Base-T. Optional cards: 1000Base-X (fiber) or single/4-ports FE

* Failover:

- Pix 6.3(x) need pairing of 2 PIXes (primary+UR License, and secondary+failover only)

c. Common Features

* VPN - remote access & site-to-site

* Firewalling

Cheers!

AK

aksher · ‎10-10-2006

what is the command to check AIP-SSM CSC-SSM is active or not?

a.kiprawih · ‎10-10-2006

Use "sh module "

i.e sh module 1

Check the 'Mod Status', and it should be up.

The above command is to verify the module is up and running.

But for configuration or traffic inspection wise, it needs to be configured accordingly.