Cisco Advanced Inspection and Prevention Security Services Module
Cisco ASA 5500 Series Adaptive Security Appliances
The Cisco Advanced Inspection and Prevention Security Services Module (AIP-SSM) for the Cisco ASA 5500 Series Adaptive Security Appliance provides proactive, full-featured intrusion prevention services to stop malicious traffic, including worms and network viruses, before they can affect your network.
Security Services Module
Providing unparalleled protection for an organization's critical information assets, the Cisco ASA 5500 Series Adaptive Security Appliance provides best-in-class firewall and VPN capabilities in a single, easy-to-deploy platform. When combined with the advanced inspection capabilities of the AIP-SSM, the Cisco ASA 5500 Series Adaptive Security Appliance provides integrated, converged protection of an organization's servers and infrastructure without compromising the ability to use the network as a business tool.
AIP-SSM Intrusion Prevention Services
Cisco AIP-SSM combines inline prevention services with innovative technologies to improve accuracy. The result is total confidence in the protection offered by your intrusion prevention system (IPS) solution, without the fear of legitimate traffic being dropped. When deployed within Cisco ASA 5500 Series appliances, the AIP-SSM offers comprehensive protection of your network by collaborating with other network security resources, providing a proactive approach to protecting your network.
The Cisco AIP SSM helps users stop threats with greater confidence through the use of:
- Accurate inline prevention technologies - Provides unparalleled ability to take preventive action against a broader range of threats without the risk of dropping legitimate traffic. These unique technologies offer intelligent, automated, contextual analysis of your data and help ensure you are getting the most out of your intrusion prevention solution.
- Multivector threat identification - Protects your network from policy violations, vulnerability exploitations, and anomalous activity through detailed inspection of traffic in Layers 2 through 7.
- Unique network collaboration - Enhances scalability and resiliency through network collaboration, including efficient traffic capture techniques, load-balancing capabilities, and visibility into encrypted traffic.
- Powerful management, event correlation, and support services - Enables a complete solution, including configuration, management, data correlation, and advanced support services. In particular, the Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS) identifies, isolates, and recommends precision removal of offending elements, for a networkwide intrusion prevention solution. And the Cisco Incident Control System (ICS) prevents new worm and virus outbreaks by enabling the network to rapidly adapt and provide a distributed response.
When combined, these elements provide a comprehensive inline prevention solution, giving you the confidence to detect and stop the broadest range of malicious traffic before your business continuity is affected.
Table 1. Cisco ASA AIP SSM-10, Cisco ASA AIP SSM-20, Cisco ASA AIP SSM-40
|Feature:||Cisco ASA AIP SSM-10||Cisco ASA AIP SSM-20||Cisco ASA AIP SSM-40|
|Concurrent Threat Mitigation Throughput (Firewall and IPS Services)||
|Memory||1 GB||2 GB||4 GB|
|Flash||256 MB||256 MB||2 GB|
|Environmental Operating Ranges:|
|Temperature||32 to 104°F (0 to 40°C)|
|Relative Humidity||5 to 95 percent noncondensing|
|Temperature||-13 to 158°F (-25 to 70°C)|
|Power Consumption||90W maximum|
|Dimensions (H x W x D)||1.70 x 6.80 x 11.00 in. (4.32cm x 17.27cm x 27.94cm)|
|Weight (with Power Supply)||3.00 lb (1.36 kg)||2.58 lb (1.17 kg)|
|Regulatory and Standards Compliance:|
|Safety||UL 1950, CSA C22.2 No. 950, EN 60950 IEC 60950, AS/NZS3260, TS001|
|Electromagnetic Compatibility (EMC)||CE marking, FCC Part 15 Class A, AS/NZS 3548 Class A, VCCI Class A, EN55022 Class A, CISPR22 Class A, EN61000-3-2, EN61000-3-3|
Service and Support:
Cisco takes a lifecycle approach to services, and with its partners, provides a broad portfolio of Security Services so enterprises can design, implement, operate and optimize network platforms that defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls.Cisco services help you protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business.
The following Cisco Security Services support and compliment the SSM-AIP modules and the ASA 5500 series Adaptive Security Appliances:
Cisco Services for IPS
Cisco Services for IPS helps protect your business against security vulnerabilities by providing hardware and software support, operating system and application updates, access to Cisco security engineering specialists, and timely alerts about late-breaking viruses, worms, and other threats.
Cisco Services for IPS features:
- Signature file updates and alerts
- Registered access to Cisco.com for online tools and technical assistance
- Access to Cisco Technical Assistance Center (TAC)
- Cisco IPS Sensor Software updates
- Options for Advance replacement of failed hardware
Cisco Security Center
The Cisco Security Center provides one-stop shopping for early-warning threat intelligence threat and vulnerability analysis, Cisco IPS Signatures and mitigation techniques.
Cisco Security Intellishield Alert Manager
Cisco Security Intellishield Alert Manager Service provides a customizable, web-based threat and vulnerability alert service that allows organizations to easily access timely, accurate and credible information about potential vulnerabilities in their environment.
Cisco Security Optimization Service
Cisco Security Optimization Service-increasingly the network infrastructure is the foundation of the agile and adaptive business. The Cisco Security Optimization Service supports the continuously evolving security system to meet ever-changing security threats, through a combination of planning and assessments, design, performance tuning, and ongoing support for system changes and helps integrate security into the core network infrastructure.
- Pricing and product availability subject to change without notice.