The Cisco ASA-5508, the industry’s first adaptive, threat-focused next-generation firewall (NGFW), offers threat defense and advanced malware protection for the new era. As a member of Cisco’s line of ASA hardware firewall with FirePOWER services, the ASA-5508 consolidates different security layers into a single platform.

 

Why Choose Cisco Firewall ASA-5508?

The Cisco ASA-5508 entry-level NGFW system with FirePower services caters to small or midsize enterprises and branch offices. The ASA-5508 integrates a set of eight Gigabit Ethernet interfaces and comes with 80GB solid-state drive (SSD) for storage. It also supports up to 100 IPsec VPN peers, 50,000 concurrent connections, and 1Gbps throughput.

Pros

Site-to-site and remote access VPN

Granular application visibility and control

Cisco FirePOWER services

Cons

Timing-chip problem

Aftersales support

Warranty issues

Key Features

Next-generation Firewall.

Industry’s first threat-focused NGFW; provides ASA firewall functionality, advanced threat protection, and advanced breach detection and remediation combined in a single device. Rich routing, stateful firewall, Network Address Translation (NAT), and dynamic clustering for high-performance, highly secure, and reliable access with Cisco AnyConnect VPN.

Advanced Malware Protection.

Superior threat prevention and mitigation for both known and unknown threats. Detection, blocking, tracking, analysis, and remediation to protect the enterprise against targeted and persistent malware attacks.

Full Contextual Awareness.

Policy enforcement based on complete visibility of users, mobile devices, client-side applications, communication between virtual machines, vulnerabilities, threats, and URLs. Application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs.

Purpose-built, Scalable, Intelligent.

Highly scalable security appliance architecture that performs at up to multigigabit speeds. Consistent and robust security across branch, Internet edge, and data centers in physical and virtual environments. Globally-acclaimed security and web reputation intelligence for real-time security protection.

Remote Access VPN.

Extends secure corporate network access beyond corporate laptops to personal mobile devices, regardless of physical location. Support for Cisco AnyConnect Secure Mobility Solution, with granular, application-level VPN capability, as well as native Apple iOS and Android VPN clients.

Other Features

Rack-mountable

Integrated Wi-Fi

VPN Support

VLAN Support

Low TCO

Open API

Rugged Design

Specifications

Firewall Throughput: 450Mbps
Maximum New Sessions Per Second: 10000
Maximum Concurrent Sessions: 100000
Integrated I/O: 8x Gigabit Ethernet
Storage Capacity: 80GB mSATA

How To Use

Use a separate inside switch in your deployment. If you want to deploy a separate router on the inside network, then you can route between management and inside. In this case, you can manage both the ASA and ASA FirePOWER module on Management 1/1 with the appropriate configuration changes. Connect inside and management on the same network because the management interface acts like a separate device that belongs only to the ASA FirePOWER module.

  • Connect to a power supply
    – Attach the power cable to the ASA and connect it to an electrical outlet, then press the Power button on the back of the ASA.
    – Check the Power LED on the front of the ASA, if it is solid green, the device is powered on.
    – Check the Status LED on the front part of ASA, solid green means that the system has passed power-on diagnostics.
  • Launch the ASDM
    – On the computer connected to the ASA, launch a web browser.
    – In the address field, enter the following URL: https://192.168.1.1/admin.
    – The Cisco ASDM web page appears, then follow the onscreen instructions to launch ASDM according to the option you chose.
    – When Cisco ASDM-IDM Launcher appears, click install ASDM Launcher.
    – Leave the username and password fields empty, and click OK, then the main ASDM window appears.
    – If you are prompted to provide the IP address of the installed ASA FirePOWER module, cancel out of the dialog box. You must first set the module IP address to the correct IP address using the Startup Wizard.
  • Configuring the ASA FirePower Module
    Use ASDM to install licenses, configure the module security policy, and send traffic to the module. Remember that, you can alternatively use the Firepower Management Center to manage the ASA FirePOWER module. See the ASA FirePOWER Module Quick Start Guide for more information.
  • Installing the Licenses
    The Control and Protection licenses are provided by the Product Authorization Key (PAK) is included on a printout in your box. If you ordered additional licenses, you should have PAKs for those licenses in your email.
  • Configuring the ASA FirePOWER Security Policy
    Choose Configuration then click ASA FirePOWER configuration to configure the ASA FirePOWER security policy. Use the ASA FirePOWER pages in ASDM for more information.

 

About Cisco

Cisco leads in the development of firewall and cybersecurity solutions with its more than 30 years of experience. Proving its expertise, Cisco NGFWs earn a 2017 Global Network Market Leadership Award from Frost & Sullivan, and named as a 2018 Leader in Gartner Magic Quadrant for Enterprise Network Firewalls.

Final Thoughts

The Cisco ASA-5508 is a good hardware firewall solution for small and midsized enterprises and branch offices. Cisco has been in the tech industry for more than 30 years. With its reputation for quality products, you can rely on the ASA-5508 firewall. The only downside with the ASA-5508 is the timing chip problem. Overall, the Cisco ASA-5508 is a decent NGFW solution that can cover all your business network’s security needs.

 

If you want to go through more hardware firewall products in the market, feel free to go through other hardware firewall reviews on the site.