FAQs

What are Cisco ® ASA Next-Generation Firewall Services?

Cisco ASANext-Generation Firewall Services blend a proven, stateful inspection firewall with next-generation capabilities and a host of additional network-based security controls for end-to-end network intelligence and streamlined security operations. Cisco ASA Next-Generation Firewall Services enable organizations to rapidly adapt to dynamic business needs while maintaining the highest levels of security. It also enables administrators to control specific behaviors within allowed micro applications and enforce differentiated policies based on the user, device, role, application type, and threat profile.

What are the benefits of Cisco ASA Next-Generation Firewall Services?

They empower enterprises to finally say “yes” to applications, devices, and the evolving global workforce. Most next-generation firewalls differ from classic firewalls in that they can identify which applications are being requested and which user has requested them. Cisco ASA Next-Generation Firewall Services provide the application and user ID awareness that is essential for any next-generation firewall. In addition, they deliver:

Precise application visibility and control, including behavior controls within allowed micro applications
Reputation-based web security
Passive and active authentication
User device information
Near-real-time threat protection

How do Cisco ASA Next-Generation Firewall Services protect against zero-day threats and other malware?

Cisco ASA Next-Generation Firewall Services use threat intelligence feeds from Cisco Security Intelligence Operations (SIO), which employ the global footprint of Cisco security deployments (more than 2million devices) to analyze 70 percent of the world’s Internet traffic from email, intrusion prevention system (IPS) activity, and web threat vectors. The feeds are updated every three to five minutes for near-real-time protection from zero-day threats.

Will I have to overwrite my existing classic firewall policies?

Nope! Cisco ASA Next-Generation Firewall Services enable organizations to continue to use their existing firewall rules and objects while adding richer, context-aware rules that can act intelligently on contextual information. Cisco ASA Next-Generation Firewall Services support Layer 3 and Layer 4 stateful firewall features, including access control, network address translation, and stateful inspection. Organizations can keep their existing stateful inspection firewall policies while adding rich Layer 7 context-aware rules.

What does Cisco ASA Next-Gen Firewall do when there are multiple applications in a single flow?

Cisco ASA Next-Generation Firewall Services employ deep packet inspection for application recognition and therefore do not require a separate connection per application.

Ctelecoms PDF Profile

IT Services & Solutions

Datacenter Solutions

Unified Communications & Networking

Meraki Networking Solutions

Microsoft Cloud Solutions

Computing & Hyper-converged Infrastructure Solutions

IT & Cyber-Security

Cloud Backup & Disaster Recovery

Microsoft Power Platform

Dashboard