Product Advisor

Cisco Security Portfolio
Cisco ASA 5500 Series Model/License	5505 Base/Security Plus	5510 Base/Security Plus	5520	5540	5550
Cisco Adaptive Security Appliance Software Version (latest)	7.2.2	7.2.2	7.2.2	7.2.2	7.2.2
Market	Small Business, Branch Office, Enterprise Teleworker	SMB and Small Enterprise	Small Enterprise	Medium Enterprise	Large Enterprise
Performance Summary
Maximum firewall throughput (Mbps)	150	300	450	650	1200
Maximum 3DES/AES VPN throughput (Mbps)	100	170	225	325	425
Maximum site-to-site and remote access VPN user sessions	10/25	250	750	5,000	5,000
Maximum SSL VPN user sessions¹	25	250	750	2,500	5,000
Maximum connections	10,000/25,000	50,000/130,000	280,000	400,000	650,000
Maximum connections/second	3,000	6,000	9,000	20,000	28,000
Packets per second (64 byte)	85,000	190,000	320,000	500,000	600,000
Technical Summary
Memory (MB)	256	256	512	1024	4096
Minimum system flash (MB)	64	64	64	64	64
Integrated ports²	8 port 10/100 switch with 2 Power over Ethernet ports	5-10/100	4-10/100/1000, 1-10/100	4-10/100/1000, 1-10/100	8-10/100/1000, 1-10/100
Maximum virtual interfaces (VLANs)	3 (trunking disabled) / 20 (trunking enabled)	50/100	150	200	250
SSC/SSM expansion slot	Yes (SSC)	Yes (SSM)	Yes (SSM)	Yes (SSM)	No
SSC/SSM Capabilities
SSC/SSMs supported	Future, SSC	CSC-SSM, AIP-SSM, 4GE-SSM	CSC-SSM, AIP-SSM, 4GE-SSM	CSC-SSM, AIP-SSM, 4GE-SSM	No
Intrusion Prevention	Not available	Yes (with AIP-SSM)	Yes (with AIP-SSM)	Yes (with AIP-SSM)	No
Concurrent threat mitigation throughput (Mbps) (firewall + IPS services)	Not available	150 (with AIP-SSM-10) 300 (with AIP-SSM-20)	225 (with AIP-SSM-10) 375 (with AIP-SSM-20)	450 (with AIP-SSM-20)	Not available
Anti-X (anti-virus, anti-spyware, file blocking, anti-spam, anti-phishing, and URL filtering)	Not available	Yes (with CSC-SSM)	Yes (with CSC-SSM)	Yes (with CSC-SSM)	Not available
Maximum number of users for anti-virus, anti-spyware, file blocking (CSC-SSM only)	Not available	500 (CSC-SSM-10) 1000 (CSC-SSM-20)	500 (CSC-SSM-10) 1000 (CSC-SSM-20)	500 (CSC-SSM-10) 1000 (CSC-SSM-20)	Not available
CSC SSM Plus License features	Not available	Anti-spam, anti-phishing, URL filtering	Anti-spam, anti-phishing, URL filtering	Anti-spam, anti-phishing, URL filtering	Not available
Features
Application-layer security	Yes	Yes	Yes	Yes	Yes
Layer 2 transparent firewalling	Yes	Yes	Yes	Yes	Yes
Security contexts (included/maximum)³	0/0	0/0 / 2/5	2/20	2/50	2/50
GTP/GPRS inspection³	Not available	Not available	Yes	Yes	Yes
High availability support⁴	Not supported / Stateless A/S	Not supported / A/A and A/S	A/A and A/S	A/A and A/S	A/A and A/S
IPSec and WebVPN services	Yes	Yes	Yes	Yes	Yes
VPN clustering and load balancing	Not available	Not available	Yes	Yes	Yes
1. Beginning with Cisco ASA Software v7.1, SSL VPN (Web VPN) capability requires a license. Systems include 2 SSL VPN users by default for evaluation and remote management purposes 2. Dedicated out-of-band (OOB) management port (a Cisco ASA 5510 Adaptive Security Appliance with the security+ license or higher model is required to make this interface route traffic) 3. Licensed features 4. A/S = Active/Standby; A/A = Active/Active

Cisco Security Portfolio

Cisco ASA 5500 Series Model/License

5505 Base/Security Plus

5510 Base/Security Plus

5520

5540

5550

Cisco Adaptive Security Appliance Software Version (latest)

7.2.2

Market

Small Business, Branch Office, Enterprise Teleworker

SMB and Small Enterprise

Small Enterprise

Medium Enterprise

Large Enterprise

Performance Summary

Maximum firewall throughput (Mbps)

150

300

450

650

1200

Maximum 3DES/AES VPN throughput (Mbps)

100

170

225

325

425

Maximum site-to-site and remote access VPN user sessions

10/25

250

750

5,000

Maximum SSL VPN user sessions¹

250

750

2,500

5,000

Maximum connections

10,000/25,000

50,000/130,000

280,000

400,000

650,000

Maximum connections/second

3,000

6,000

9,000

20,000

28,000

Packets per second (64 byte)

85,000

190,000

320,000

500,000

600,000

Technical Summary

Memory (MB)

256

512

1024

4096

Minimum system flash (MB)

Integrated ports²

8 port 10/100 switch with 2 Power over Ethernet ports

5-10/100

4-10/100/1000,
1-10/100

8-10/100/1000,
1-10/100

Maximum virtual interfaces (VLANs)

3 (trunking disabled) / 20 (trunking enabled)

50/100

150

200

250

SSC/SSM expansion slot

Yes (SSC)

Yes (SSM)

SSC/SSM Capabilities

SSC/SSMs supported

Future, SSC

CSC-SSM, AIP-SSM, 4GE-SSM

Intrusion Prevention

Not available

Yes (with AIP-SSM)

Concurrent threat mitigation throughput (Mbps) (firewall + IPS services)

Not available

150 (with AIP-SSM-10)
300 (with AIP-SSM-20)

225 (with AIP-SSM-10)
375 (with AIP-SSM-20)

450 (with AIP-SSM-20)

Not available

Anti-X (anti-virus, anti-spyware, file blocking, anti-spam, anti-phishing, and URL filtering)

Not available

Yes (with CSC-SSM)

Not available

Maximum number of users for anti-virus, anti-spyware, file blocking (CSC-SSM only)

Not available

500 (CSC-SSM-10)
1000 (CSC-SSM-20)

Not available

CSC SSM Plus License features

Not available

Anti-spam, anti-phishing, URL filtering

Not available

Features

Application-layer security

Yes

Layer 2 transparent firewalling

Yes

Security contexts (included/maximum)³

0/0

0/0 / 2/5

2/20

2/50

GTP/GPRS inspection³

Not available

Yes

High availability support⁴

Not supported / Stateless A/S

Not supported / A/A and A/S

A/A and A/S

IPSec and WebVPN services

Yes

VPN clustering and load balancing

Not available

Yes

1. Beginning with Cisco ASA Software v7.1, SSL VPN (Web VPN) capability requires a license. Systems include 2 SSL VPN users by default for evaluation and remote management purposes
2. Dedicated out-of-band (OOB) management port (a Cisco ASA 5510 Adaptive Security Appliance with the security+ license or higher model is required to make this interface route traffic)
3. Licensed features
4. A/S = Active/Standby; A/A = Active/Active