setakit.com
setakit.com

Cisco ASA 2110

Cisco Firepower 2110

Cisco Firepower NGFW اولین فایروال نسل بعدی با محوریت تهدید است که به صورت یکپارچه مدیریت می شود. این فایروال منحصر به فرد، محافظت پیشرفته را قبل، بعد و به هنگام تهدیدات، ارائه می دهد. ASA 2110  هم می تواند به عنوان Next-Generation Firewall (NGFW) به کار گرفته شود و هم به عنوان Next-Generation IPS. آن ها برای اینترنت لبه، کامل و بدون نقص هستند.

مزایای ASA 2110

  • اطمینان خاطر از انعطاف پذیری بیزینس از طریق ایجاد امنیت بهینه توسط عملکردهای پایدار
  • کاهش هزینه های مربوط به فعال سازی IPS
  • دارای دو برابر پورت بیشتر و عملکرد بهتر در مقابل محصولات مشابه با قیمت یکسان

ویژگی های ASA 2110

Stop more threats

شامل بدافزارهای شناخته شده و ناشناخته با استفاده از سیستم محافظت پیشرفته در برابر بدافزارها  (AMP) و sandboxing

Gain more insight

امکان کنترل عالی محیط اطراف با استفاده از isco Firepower next-gen IPS.

Detect earlier, act faster

طبق گزارشات سیسکو، زمان متوسط بین آلوده شدن تا شناسایی سیستم ها، یک دوره ۱۰۰ روزه است، اما می توان با فایروال سیسکو این زمان را به یک روز کاهش داد.

Reduce complexity

مدیریت یکپارچه و شناسایی خودکار تهدید از طریق عملکردهای امنیتی شامل firewalling،  NGIPS و AMP

Get more from your network

بالا بردن سطح امنیت و استفاده از مزایای امکانات موجود با ادغام اختیاری سایر راه حل های امنیتی سیسکو

فروش Cisco ASA 2110برای دانلود فایل Cisco ASA 2110 Datasheet اینجا را کلیک نمایید.


Performance
Firepower 2110

Throughput: FW + AVC

2.00Gbps

Throughput: AVC + IPS

2.00Gbps

Maximum concurrent sessions, with AVC
1million

Maximum new connections per second, with AVC
12,000

IPSec VPN Throughput (1024B TCP w/Fastpath)

750Mbps

Maximum VPN Peers


1500
Cisco Firepower Device Manager (local management)
Yes
Centralized management

Centralized configuration, logging, monitoring, and reporting are performed by the Management Center or alternatively in the cloud with Cisco Defense Orchestrator

Application Visibility and Control (AVC)
Standard, supporting more than 4000 applications, as well as geolocations, users, and websites

AVC: OpenAppID support for custom, open source, application detectors
Standard

Cisco Security Intelligence

Standard, with IP, URL, and DNS threat intelligence
Cisco Firepower NGIPSAvailable; can passively detect endpoints and infrastructure for threat correlation and Indicators of Compromise (IoC) intelligence
Cisco AMP for NetworksAvailable; enables detection, blocking, tracking, analysis, and containment of targeted and persistent malware, addressing the attack continuum both during and after attacks. Integrated threat correlation with Cisco AMP for Endpoints is also optionally available
Cisco AMP Threat Grid sandboxingAvailable
URL Filtering: number of categoriesMore than 80
URL Filtering: number of URLs categorizedMore than 280 million
Automated threat feed and IPS signature updatesYes: class-leading Collective Security Intelligence (CSI) from the Cisco Talos Group
Third-party and open-source ecosystemOpen API for integrations with third-party products; Snort and OpenAppID community resources for new and specific threats
High availability and clusteringActive/standby; for Cisco Firepower 9300 intrachassis clustering of up to 5 chassis is allowed; Cisco Firepower 4100 Series allows clustering of up to 6 chassis
VLANs maximum1024
Cisco Trust Anchor TechnologiesASA 5506-X, 5508-X, and 5516-X appliances, Firepower 2100 Series and Firepower 4100 Series and 9300 platforms include Trust Anchor Technologies for supply chain and software image assurance. Please see the section below for additional details
ASA Performance and Capabilities
Stateful inspection firewall throughput13Gbps
Stateful inspection firewall throughput (multiprotocol)21.5Gbps
Concurrent firewall connections1million
Firewall latency (UDP 64B microseconds)-
New connections per second18000
IPsec VPN throughput (450B UDP L2L test)500Mbps
IPsec/Cisco AnyConnect/Apex site-to-site VPN peers1500
Maximum number of VLANs400
Security contexts (included; maximum)25;2
High availabilityActive/active and active/standby
Clustering-
ScalabilityVPN Load Balancing
Centralized managementCentralized Management (CSM) not currently supported for 2100 series
Adaptive Security Device ManagerWeb-based, local management for small-scale deployments
Hardware
Dimensions (H x W x D)4.4*42.9*50.2 cm
Form factor (rack units)1RU
Security module slots-
I/O module slots0
Integrated I/O12 x 10M/100M/1GBASE-T Ethernet interfaces (RJ-45), 4 x 1 Gigabit (SFP) Ethernet interfaces
Network modulesNone
Maximum number of interfacesUp to 16 total Ethernet ports
(12x1G RJ-45, 4x1G SFP)
Integrated network management ports
1x 10M/100M/1GBASE-T Ethernet port (RJ-45)
Serial port1 x RJ-45 console
USB 1x USB 2.0 Type-A (500mA)
Storage1x 100 GB, 1x spare slot (for MSP)
Fans 4integrated (2 internal, 2 exhaust) fans4
Noise56 dBA @ 25C
74 dBA at highest system performance.
Rack mountableYes. Fixed mount brackets included
(-2post). Mount rails optional (4-post EIA-310-D rack)
Weight7.3kg
Temperature: operating 0to 40°C
Humidity: operating 10to 85% noncondensing
Humidity: nonoperating5to 95% noncondensing
Altitude: operating10000ft max
Altitude: nonoperating40000ft max
Power Supplies
ConfigurationSingle integrated 250W AC power supply.
AC input voltage100to 240 V AC
AC maximum input current2.7A at 100V>
AC maximum output power250W
AC frequency50to 60 Hz
AC efficiency88%at 50% load <
DC input voltage-
DC maximum input current-
DC maximum output power-
DC efficiency-
RedundancyNone