With the theme of security as an integrated, architectural component of the extended network, Chambers during his keynote here demonstrated the new multifunction Adaptive Security Appliance 5500 series, which combines the functions of Cisco Systems Inc.s PIX firewall, Intrusion Prevention System 4200 Series and VPN 3000 Concentrator, and brings to the table new SSL (Secure Sockets Layer) VPN functions on top of existing IP Security VPN services.
The aim of the new appliance, available in three models with varying performance levels and price points, is to reduce operational costs, provide granular intrusion prevention, and offer scalable anti-virus protection within a single device that front-ends a switch or router.
Based on his experience with CEOs and CIOs around the globe, Chambers said, he has observed that for those leaders, "Security is a top issue. It is an enabler of growth, but slows down industry if its not done right."
The ASA 5500 series is a proof point in Ciscos integrated security initiative. To reduce the complexity of implementing a thorough security system, Cisco takes a three-pronged approach, Chambers said.
"We think about it in three categories—application security; anti-x, which can be anti-spam, anti-spyware, anti-virus and so on; and the third is containment and control. Today with the Adaptive Security Appliance we have the capability for a small company or a large company or a branch office to combine intrusion prevention with firewall, VPN and so on, thats easier to configure and support, with a product that scales. Combining in form factors and interoperability is key," Chambers said.
The ASA 5500 series provides Anti-X defenses for worm and virus mitigation, spyware/adware protection, network traffic microinspection, hacker and intrusion prevention, and Denial of Services prevention.
The appliance can also be used to control traffic and the amount of bandwidth consumed by peer-to-peer services and Instant Messaging traffic.
Chambers also demonstrated a new release of Ciscos Adaptive Security Device Manager, which can be used to manage the new ASA 5500 series as well as other Cisco security offerings.
With the Adaptive Security Device Manager, "You can configure an advanced firewall, configure email [security policies], HTTP, Instant Messaging and peer-to-peer, and with point and click you can change those and modify security on the device. It makes it almost idiot proof," Chambers said.
The ASA 5510 supports up to 300M bps, the Cisco ASA5520 supports up to 450M bps and the ASA 5540 supports up to 650M bps—all in a single 1 Rack Unit form factor. The appliances range in price from $3,495 to $16,995 and are due this month.