top of page

Cisco ASA Firewall and you.

Many small businesses and organizations with branch offices use broadband routers from their ISPs to act as firewalls to guard their networks. Unfortunately, these devices are not true firewalls and base their security on Port Address Translation (PAT) or Network Address Translation (NAT) to protect the connected computers. Although some broadband routers have very basic firewall capabilities, they often lack the features and performance that small business offices need. For these reasons, we highly recommend the Adaptive Security Appliances (ASAs) family from Cisco, specifically the 5505 model, for small offices.

The Cisco ASA 5505 is the entry-level product in Cisco ASAs firewall lineup, but it’s full of enterprise-class features that can be used as a business grows or their needs change. For example, if you only need 2 SSL VPN connections to remote connect to your network from anywhere in the world, you have that from the start. If you need remote users, you can simply buy a one-time expansion license to bump up to 10 users, and continuue scaling up from there.

One of the great features that we integrate in many clients’ infrastructures is SSL VPN. Using the Cisco AnyConnect client, you can connect to the ASA from anywhere. While this is a nice feature for securing local resources, it can also be used to protect remote resources. For example, a business has a remote resource, say a web server, and one IP – the main office – should be able to SSH or RDP to the server. However, the business works with several freelancers and remote staffers, who will be working from multiple IP address anywhere in the world. So how do you tunnel them into one IP to allow them to access the server securely? By having them use the ASA 5505′s SSL VPN client, we can establish a virtual link between the remote workers and the office. Thus all traffic for the web server will be proxied through the ASA. This secures the web server link and sets up per-user accountability.

The Cisco ASA 5505 is a great firewall with enterprise features that will fit any IT budget, especially for small to medium sized business. With robust features, this is a great starting point for any office’s IT infrastructure.

bottom of page