There is a variety of solutions that can be described; in the following article I provide a general overview of several secured solutions.
A reliable network firewall helps your company keep unauthorized visitors from accessing valuable business resources.
Cisco ASA 5500 Series Adaptive Security Appliances
Stop security attacks before they affect business continuity. Cisco ASA 5500 Series Adaptive Security Appliances provide intelligent threat defense and highly secure communications services. These solutions help organizations lower their deployment and operational costs while delivering comprehensive network security for networks of all sizes.
Cisco ASA 5500 Series Adaptive Security Appliances – Model Comparison:
Cisco Firewall Services Module
Cisco Firewall Services Module (FWSM)—a high-speed, integrated firewall module for Cisco Catalyst 6500 switches and Cisco 7600 Series routers—provides the fastest firewall data rates in the industry: 5-Gbps throughput, 100,000 CPS, and 1M concurrent connections. Up to four FWSMs can be installed in a single chassis, providing scalability to 20 Gbps per chassis. Based on Cisco PIX Firewall technology, the Cisco FWSM offers large enterprises and service providers unmatched security, reliability, and performance.
The Cisco FWSM includes a number of advanced features that help reduce costs and operational complexity while enabling organizations to manage multiple firewalls from the same management platform. Features such as the resource manager help organizations limit the resources allocated to any security context at any time, thus ensuring that one security context does not interfere with another. The transparent firewall feature configures the FWSM to act as a Layer 2 bridging firewall, resulting in minimal changes to network topology.
Secured Remote Access SSL
Today's remote-access VPN deployments require the ability to safely and easily extend corporate network access beyond managed desktops to different users, devices, and endpoints. The Cisco® ASA 5500 Series SSL/IPsec VPN Edition (also known as the Cisco Secure Remote Access solution) enables organizations to securely provide network access to a broad array of users, including mobile and fixed endpoints, remote offices, contractors, and business partners.
Supporting a wide range of deployment and application environments, the Cisco Secure Remote Access solution delivers maximum value to your organization with the most comprehensive set of Secure Socket Layer (SSL) and IP security (IPsec) Virtual Private Network (VPN) features, performance, and scalability in the industry. Cisco Secure Remote Access also provides organizations with the ability to use a powerful combination of multiple market-proven firewall, intrusion prevention (IPS), and content security technologies on a single unified platform.
Cisco ASA 5500 Series SSL VPN: Profile and Benefits
Extends the appropriate SSL VPN technology, either clientless or full-network access, on a per-session basis, depending on the user group or endpoint accessing the network.
Comprehensive network access:
Broad application and network resource access is provided through the Cisco AnyConnect Secure Mobility client, an automatically downloadable network-tunneling client that provides access to virtually any application or resource.
Optimized network performance:
The Cisco AnyConnect Secure Mobility client provides an optimized VPN connection for latency-sensitive traffic, such as voice over IP (VoIP) traffic or TCP-based application access. AnyConnect can automatically determine and establish connectivity to the most optimal network access point.
Ubiquitous clientless access:
Delivers secure remote access to authenticated users on both managed and unmanaged endpoints, enabling increased productivity by providing "anytime access" to the network.
Empowers network and IT management with additional tools to provide controlled access to corporate network resources and applications.
Low total cost of ownership:
Reduces expensive help-desk calls associated with network connectivity issues and eliminates the administration costs of managing client software on every endpoint.
Unified Communications Proxy Solution
The Cisco ASA phone proxy feature allows remote Cisco IP phones to establish secured communication channels directly with the ASA. These secure communications terminate directly on the firewall, and the firewall "proxies" the voice communication between the phone and the Call Manager.
This feature allows for secure voice communication for phones deployed in the field without requiring a separate device to encrypt the traffic to the Call Manager.
The Cisco ASA phone proxy capability facilitates termination of Cisco SRTP- and TLS-encrypted endpoints for secure remote access. The Cisco ASA phone proxy allows large-scale deployments of secure phones without a large-scale VPN remote-access hardware deployment. End-user infrastructure is limited to just the IP endpoint, without VPN tunnels or hardware. The Cisco ASA phone proxy is the replacement product for the Cisco Unified Phone Proxy.
The Cisco ASA mobility proxy facilitates secure connectivity between the Cisco Unified Mobile Communicator software and the Cisco Unified Mobility Advantage server. The Cisco ASA appliance can intercept the TLS connection between the Cisco Unified Mobile Communicator software and server, and inspect and apply policies to the mobility traffic using a new Multichassis Multilink PPP (MMP) inspection engine. The Cisco ASA appliance is a mandatory component of mobility solutions starting with the Cisco Unified Communications 7.0 Systems, and replaces the Cisco Unified Mobility Proxy.
IPS – Intrusion Prevention System
Deploy network-based intrusion prevention that identifies, classifies, and stops known and unknown threats with the Cisco Intrusion Prevention System (IPS).
As an essential part of the Cisco Secure Borderless Network, Cisco IPS is one of the most widely deployed intrusion prevention systems, providing:
- Protection against more than 30,000 known threats
- Timely signature updates and Cisco Global Correlation to dynamically recognize, evaluate, and stop emerging Internet threats
Cisco IPS includes industry-leading research and the expertise of Cisco Security Intelligence Operations. Cisco IPS protects against increasingly sophisticated attacks, including:
- Directed attacks
- Application abuse
Cisco IPS also helps your organization comply with government regulations and consumer privacy laws. It provides intrusion prevention that:
- Stops outbreaks at the network level, before they reach the desktop
- Prevents losses from disruptions, theft, or defacement
- Collaborates with other network components, for end-to-end, networkwide intrusion prevention
- Supports a wide range of deployment options, with near-real-time updates for the most recent threats
- Decreases legal liability, protects brand reputation, and safeguards intellectual property
Flexible deployment options include:
- Cisco IPS 4200 Series Sensors as standalone IPS appliances.
- Integrated Cisco ASA 5500 Series Advanced Inspection and Prevention Security Services Modules (AIP SSM10, AIP SSM20, and AIP SSM40) provide intrusion prevention, firewall, and VPN in a single, easy-to-deploy platform.
- Cisco AIM-IPS, NME-IPS, or Cisco IPS Sensor Software for integrated services routers.
- Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Modules.
Web Security Gateway
Web threats are growing at an exponential rate, and nearly 50% of all legitimate sites are hosting malware. URL filtering solutions that rely on periodic updates to local databases cannot keep pace with these rapidly evolving threats. In addition, the growing complexity of IT infrastructure and Web 2.0 adds to the security challenge. Administrators lack timely, actionable information about how the Internet is being used.
Traditional gateway defenses are proving to be inadequate against a variety of web-based malware, leaving corporate networks exposed to the inherent danger posed by these threats.
At the same time, IT managers face economic pressure to reduce costs while improving web security.
- Blended threats
- Web threats
- Viruses and worms
- Spyware & keyloggers
- Malicious mobile code
- Content threats
- Non-business content
Email Security Gateway
Today’s email-borne threats consist of virus attacks, spam, false positives, distributed denial-of-service (DDoS) attacks, spyware, phishing (fraud), regulatory compliance violations, and data loss.
- Blended threats
- Data loss
- Inappropriate content
- Malicious web links
- Spam and bots