Challenge

The Internet has become a critical business tool for organizations of all sizes. It enables new opportunities for growth of the business. It provides connectivity with partners and remote workers via VPN connections. But it is also a conduit for threats to enter a company’s network. And these threats can have a significant impact on the business:

• Unauthorized access: Can lead to loss of company data, unplanned downtime, and related liability concerns.
• Peer-to-peer file sharing and instant messaging: Distracts employees and reduces productivity.
• Viruses: Can infect systems, bringing them down and resulting in outages and lost revenue.
• Spam and phishing: Creates a nuisance and contributes to loss of employee productivity .
• Browsing of non-work-related Websites: Leads to loss of employee productivity and possible company liability issues.
• Infected VPN traffic: Creates a vector for threats to enter the network and disrupt the business.

Solution

• The Cisco ASA 5500 Series Business Edition provides small and medium-sized companies with comprehensive gateway security and VPN connectivity. With its combined firewall and content security capabilities, the Cisco ASA 5500 Series stops threats at the gateway before they enter the network and affect business operations. These same services are extended to remote-access users providing a threat-protected VPN connection. The Cisco ASA 5500 Series Business
• Edition offers:
• Most trusted and deployed firewall technology: Building on the Cisco PIX® Family of security appliances, the Cisco ASA 5500 Series allows valid business traffic to flow, while keeping out unwelcome visitors. And with its application control capabilities, the solution can limit peer-to-peer file sharing, instant messaging, and malicious traffic, while enabling secure deployment of new business applications for improved profitability and competitiveness. This prevents security leaks and the introduction of threats to the network.
• Market-leading content security capabilities: With robust content security capabilities delivered via the optional Content Security and Control Security Services Module (CSC-SSM), the Cisco ASA 5510 Adaptive Security Appliance provides critical perimeter security services needed for comprehensive protection.

          ◦ Antivirus: Award-winning antivirus technology shields your internal network resources from both known and unknown virus attacks, at the most effective point in your
   infrastructure, the Internet gateway. Cleaning your e-mail and Web traffic at the perimeter eliminates the need for resource-intensive malware infection cleanup and
   helps ensure business continuity.

          ◦ Anti-spyware: Blocking spyware at the gateway prevents spyware from entering your network through Internet traffic (HTTP and FTP) and e-mail traffic, frees up IT support

resources from costly spyware removal procedures, and improves employee productivity.

          ◦ Anti-spam: Effective blocking of spam with very low false positives helps to restore the effectiveness of e-mail, so communication with customers, vendors, and partners
   continues uninterrupted.

          ◦ Anti-phishing: Identity theft protection guards against phishing attacks, thereby preventing employees from inadvertently disclosing company or personal details
   that could lead to financial loss.

          ◦ Real-time protection for Web access, e-mail, and file transfer: Many employees access their own private Webmail from their company PCs or laptops, introducing

another entry point for Internet-borne threats even if an organization’s e-mail is already protected. Similarly, employees may directly download programs or files that may be contaminated. Real-time protection of all Web traffic at the Internet gateway greatly reduces this often-overlooked point of vulnerability.

          ◦ URL filtering: Web and URL filtering can be used to control employee Internet usage by blocking access to inappropriate or non-work-related Websites, improving employee productivity and limiting the risk of legal action being taken by employees exposed to offensive Web content.

          ◦ E-mail content filtering: E-mail filtering minimizes the legal liability companies can face, due to exposure to offensive material transferred by e-mail. Filtering also enforces regulatory compliance, helping organizations meet the requirements of legislation such as the Gramm-Leach Bliley Act and the Data Protection Act.

• Investment protection: The Cisco ASA 5500 Series include an expansion slot to support add-on capabilities. The Cisco ASA 5510 supports the CSC-SSM, which provides content security features. In the Cisco ASA 5505, the expansion slot supports future add-on options. This capability enables small businesses to deploy firewall and VPN capabilities today, and add features in the future as their business grows and the security needs change.
• Threat-protected VPN: The Cisco ASA 5500 Series provides market-leading, threat-protected remote access. The solution provides both site-to-site and remote-user access to internal network systems and services. This solution combines SSL and IPsec VPN capabilities for maximum flexibility. And since the solution combines firewall and optional content security services with VPN services, the VPN traffic cannot introduce malware or other threats to the business.
• Easy deployment and management: The Cisco ASA 5500 Series Business Editionincludes the Cisco Adaptive Security Device Manager (ASDM), which provides a powerfulyet easy-to-use browser-based management and monitoring interface. This single solution provides comprehensive configuration and monitoring of all the services in a single application. And to help with quick deployment, wizards guide the administrators through initial and ongoing configuration of their Cisco ASA 5500 Series appliances.
• Firewall, intrusion detection, prevention systems (IPS/IDS), VPN protections.
• E-mail antivirus, e-mail anti-spam, user authentication, HTTP antivirus, server antivirus, network firewall, IPSec VPN gateway, network antivirus, personal firewall, web application firewall.