The Cisco ASA-5508 is designed for a new era of threat defense and advanced malware protection. Cisco Systems, Inc. and its subsidiaries are committed to protecting your privacy and providing you with a positive experience. One of its premium products, Cisco ASA-5508, is the industry’s first adaptive, threat-focused, next generation firewall (NGFW).
Why Choose Cisco Firewall ASA-5508?
Cisco ASA 5508-X FirePower Services’ Firewall is an entry-level, next-generation firewall system designed for small to midsize businesses or branch offices of big companies. The firewall provides 8-Port Gigabit Ethernet interfaces, 80GB SSD, supports up to 100 IPsec VPN peers, 50,000 concurrent connections and one Gbps throughput.
Cisco ASA with FirePOWER Services brings distinctive, threat-focused, next-generation security services to Cisco ASA 5500-X Series Next-Generation Firewalls, and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks.
Pros
Site-To-Site And Remote Access VPN And Advanced Clustering Provide Highly Secure, High-Performance Access And High Availability To Help Ensure Business Continuity
Granular Application Visibility And Control (AVC) Supporting More Than 3,000 Application-Layer And Risk-Based Controls That Can Launch Tailored Intrusion Prevention System (IPS) Threat Detection Policies To Optimize Security Effectiveness
The Industry-Leading Cisco ASA With FirePOWER Next-Generation IPS (NGIPS) Provides Highly Effective Threat Prevention And Full Contextual Awareness Of Users, Infrastructure, Applications, And Content To Detect Multivector Threats And Automate Defense Response
Reputation And Category-Based URL Filtering Offers Comprehensive Alerting And Control Over Suspicious Web Traffic And Enforce Policies On Hundreds Of Millions Of URLs In More Than 80 Categories
AMP or Advanced MalwareProtection Provides Industry-Leading Breach Detection Effectiveness, A Low Total Cost Of Ownership, And Superior Protection Value That Helps Users Discover, Understand, And Stop Malware And Emerging Threats Missed By Other Security Layers
Cons
Timing-chip problem
Slow After-Sales Support
Key Features
Next-Generation Firewall
Industry’s first threat-focused NGFW, Next-Generation Firewall. It is the only NGFW with market-leading protection gathered from integrated functions such as the Next Generation Intrusion Protection Systems and Cisco’s Advanced Malware Protection. All in all, Cisco ASA-5508’s NGFW provides unified policy management of firewall functions, application control, threat prevention, and malware protection from the network to the endpoint, encompassed in a single management console.
Proven ASA firewall
Rich routing, stateful firewall, Network Address Translation, and dynamic clustering for high-performance, highly secure, and reliable access with Cisco AnyConnect VPN.
Market-leading NGIPS
Cisco ASA-5508’s Next Generation Intrusion Prevention System, (NGIPS), provides network visibility, security intelligence, automation and advanced threat protection. Cisco’s NGIPS solution sets a new standard for advanced threat protection by integrating real-time contextual awareness, intelligent security automation and superior performance with industry-leading network intrusion prevention.
To break it down further, here are some of the other benefits of NGIPS :
1. Efficacy :
NGIPS gets updates on new policy rules and signatures every two hours, reinforcing the security of your software simultaneously.
2. Operational Cost
NGIPS automation increases operational efficiency and reduces overhead by separating actional events from noise.
3. Integration
NGIPS plugs into your network without causing major hardware changes, plus it doesn’t take a lot of time to install. NGIPS also helps users manage several security applications from a single pane, a feature care of its Firepower Management Center. Through the use of the Firepower Management Center, users are also able to see more contextual data from their network, overall fine-tuning their security.
4. Flexible
NGIPS’ deployment options meet the needs of the enterprise. It can be deployed at the perimeter, at the data center distribution and core, or behind the firewall to protect WAN connections, guest access, or mission-critical assets. NGIPS can also be deployed for inline inspection or passive detection.
Advanced Malware Protection
Detection, blocking, tracking, analysis, and remediation to protect the enterprise against targeted and persistent malware attacks.
Full Contextual Awareness
Policy enforcement based on complete visibility of users, mobile devices, client-side applications, communication between virtual machines, vulnerabilities, threats, and URLs.
Application Control And URL Filtering
Application-layer control and ability to enforce usage and tailor detection policies based on custom applications and URLs.
Purpose-built, scalable
Highly scalable security appliance architecture that performs at up to multigigabit speeds; consistent and robust security across branches, Internet edge, and data centers in physical and virtual environments.
Remote Access VPN
Extends secure corporate network access beyond corporate laptops to personal mobile devices, regardless of physical location; support for Cisco AnyConnect Secure Mobility Solution, with granular, application-level VPN capability, as well as native Apple iOS and Android VPN clients.
Collective Security Intelligence (CSI)
Globally Acclaimed security and web reputation intelligence for real-time security protection.
Other Features
Rack-mountable
Integrated Wi-Fi
VPN Support
VLAN Support
Low TCO
Open API
Rugged Design
Specifications
| Interfaces | 8x1 Gigabit Ethernet interface, 1 management port | ||
| Multiprotocol Throughput | 500 Mbps | ||
| Maximum 3DES/ASES VPN throughput | 175 Mbps | ||
| IPsec site-to-site VPN peers | 100 | ||
| Virtual interfaces (VLANs) | 50 | ||
| Memory | 8GB | ||
| Flash | 8GB | ||
| Power (AC or DC) | AC only | ||
| Height (rack units) | 1RU | ||
| Package Weight | 8.77 Kg | ||
| Dimensions | 1.72 x 17.2 x 11.288 in. | ||
| Weight | 8 lb (3 kg) | ||
| Maximum Peak | 12V @3.0A |
How To Use
Think the Cisco ASA-5508 will help you with your home and business needs?
Learn more about its features and current price here.
If you’ve already have the Cisco ASA-5508 firewall, and you are about to install it on your device, our easy to understand and very helpful installation guide will give you a push in the right direction:
Deploying The ASA-5508 To Your Network:
- First, use a separate inside switch in your deployment.
- If The default configuration enables the above network deployment with the following behavior :
– inside–> outside traffic flow
– outside IP address from DHCP
– DHCP for clients on inside
Note: Management 1/1 belongs to the ASA Firepower module. The interface is Up, but otherwise unconfigured on the ASA. The ASA Firepower module can then use this interface to access the ASA inside network and use the inside interface as the gateway to the Internet.
Note: Do not configure an IP address for this interface in the ASA configuration. Only configure an IP address in the Firepower configuration. You should consider this interface as completely separate from the ASA in terms of routing.
Note: If you want to deploy a separate router on the inside network, then you can route between management and inside. In this case, you can manage both the ASA and ASA FirePOWER module on Management 1/1 with the appropriate configuration changes.
Connect The ASA To A Power Supply
- Attach the power cable to the ASA and connect it to an electrical outlet, then press the Power button on the back of the ASA.
- Check the Power LED on the front of the ASA, if it is solid green, the device is powered on.
- Check the Status LED on the front part of ASA, solid green means that the system has passed power-on diagnostics.
Launching The ASDM
- On the computer connected to the ASA, launch a web browser.
- In the Address field, enter the following URL: https://192.168.1.1/admin.
- The Cisco ASDM web page will appear. Follow the onscreen instructions to launch ASDM according to the option you chose.
- When Cisco ASDM-IDM Launcher appears, click install ASDM Launcher.
- Leave the username and password fields empty, then click OK. The main ASDM window will then appear.If you are prompted to provide the IP address of the installed ASA FirePOWER module, cancel out of the dialog box.
- You must first set the module IP address to the correct IP address using the Startup Wizard.
Configuring The ASA FirePower Module
Use ASDM to install licenses, configure the module security policy, and send traffic to the module.Remember that you can alternatively use the Firepower Management Center to manage the ASA FirePOWER module. See the ASA FirePOWER Module Quick Start Guide for more information.
Installing The Licenses
The Control and Protection licenses provided by the Product Authorization Key (PAK) are included on a printout in your box. If you ordered additional licenses, you should have PAKs for those licenses in your email.
Configuring the ASA FirePOWER Security Policy
Choose Configuration, then click ASA FirePOWER configuration to configure the ASA FirePOWER security policy. Use the ASA FirePOWER pages in ASDM for more information.
About Cisco
Cisco Systems, Inc. is an American multinational technology conglomerate headquartered in San Jose, California, in the middle of Silicon Valley. Cisco develops, manufactures and sells networking hardware, software, telecommunications equipment and other high-technology services and products. Through its numerous acquired subsidiaries, such as OpenDNS, Webex, Jabber and Jasper, Cisco specializes in specific tech markets, such as the Internet of Things (IoT), domain security and energy management.
Cisco’s products and services cater to three major market segments-enterprise, service provider, and midsize and small businesses.Also, Cisco provides IT products and services in five major tech areas: Networking (including Ethernet, optical, wireless and mobility), Security, Collaboration (including voice, video, and data), Data Center, and the Internet of Things.
How did Cisco Systems come about? Two Stanford University computer scientists by the name of Leonard Bosack and Sandy Lerner established Cisco Systems in December 1984. Leonard and Sandy pioneered the concept of LAN, a Local Area Network that could connect computers that were far away from each other through the use of a multiprotocol router system.
Did you know that one of Cisco’s first products was created with Stanford University’s campus technology? In the early 1980s, Leonard, along with some teachers and students at Stanford, used tech available on campus to link the school’s computer systems, allowing them to talk to one another. They communicated by using a Blue Box which functioned as a multiprotocol router.
Ever wondered how Cisco got its name? The name “Cisco,” was named after the city of San Francisco, while the company’s logo is an illustration of the two towers of one of San Francisco’s greatest landmarks, the Golden Gate Bridge.
In terms of acquisitions and buy-ins, in 2019, Cisco bought CloudCherry, a customer experience management company, and Voicea, an artificial intelligence company. One year later, in May 2020, Cisco announced it would be acquiring another business,the network intelligence company ThousandEyes.
Final Thoughts
The Cisco ASA-5508 is a good firewall software for a small or midsize enterprise or branch office. If you are familiar with Cisco as a brand, this should really come as no surprise – the company has been in the tech industry for 35 years, and with its reputation for quality products, you can surely rely on the safety, security, and high quality of the Cisco ASA-5508 software firewall.
However, Cisco has had a few setbacks in the past, one of them was a faulty timing chip issue a few years back. News of a faulty timing chip in Cisco’s products broke out in 2017, an issue which the company quickly addressed, issuing a notice saying that busted timing chips in many of their products could fail after 18 months of service, causing the devices holding the chips to crash and never recover. 2017 was three years ago, 36 months after the fact, 18 months after the reported time frame, but it is still a cause for concern among Cisco’s many customers.
On the flipside, after a thorough discussion of all of its many features, it would be foolish to not admit that the Cisco ASA-5508 is an amazing product, and is more than capable of covering all your medium enterprise network security needs.
Have you given Cisco ASA-5508 a try? What can you say about it? What did you like? What did you not like? We would love to know what you think, so please do drop us a line or two through our Contact Us section.
If you would like to do a comparison of different hardware firewall products, feel free to check out other product reviews on firewallguide.com. You might find something you like, or you might not. Whatever the case may be, we are on your side and we will do our best to help you find a product that will truly fit you.
