| Cisco ASA 5500 Series Model/License |
ASA 5505 Base/Security Plus
 |
ASA 5510 Base/Security Plus
 |
ASA 5520
 |
ASA 5540
 |
ASA 5550
 |
| Cisco Adaptive Security Appliance Software Version (latest) |
7.2.2 |
7.2.2 |
7.2.2 |
7.2.2 |
7.2.2 |
| Market |
Small Business, Branch Office, Enterprise Teleworker |
SMB and Small Enterprise |
Small Enterprise |
Medium Enterprise |
Large Enterprise |
| Performance Summary |
|
| Maximum firewall throughput (Mbps) |
150 |
300 |
450 |
650 |
1200 |
| Maximum 3DES/AES VPN throughput (Mbps) |
100 |
170 |
225 |
325 |
425 |
| Maximum site-to-site and remote access VPN user sessions |
10/25 |
250 |
750 |
5,000 |
5,000 |
| Maximum SSL VPN user sessions1 |
25 |
250 |
750 |
2,500 |
5,000 |
| Maximum connections |
10,000/25,000 |
50,000/130,000 |
280,000 |
400,000 |
650,000 |
| Maximum connections/second |
3,000 |
6,000 |
9,000 |
20,000 |
28,000 |
| Packets per second (64 byte) |
85,000 |
190,000 |
320,000 |
500,000 |
600,000 |
| Technical Summary |
|
| Memory (MB) |
256 |
256 |
512 |
1024 |
4096 |
| Minimum system flash (MB) |
64 |
64 |
64 |
64 |
64 |
| Integrated ports2 |
8 port 10/100 switch with 2 Power over Ethernet ports |
5-10/100 |
4-10/100/1000,
1-10/100 |
4-10/100/1000,
1-10/100 |
8-10/100/1000,
1-10/100 |
| Maximum virtual interfaces (VLANs) |
3 (trunking disabled) / 20 (trunking enabled) |
50/100 |
150 |
200 |
250 |
| SSC/SSM expansion slot |
Yes (SSC) |
Yes (SSM) |
Yes (SSM) |
Yes (SSM) |
No |
| SSC/SSM Capabilities |
|
| SSC/SSMs supported |
Future, SSC |
CSC-SSM, AIP-SSM, 4GE-SSM |
CSC-SSM, AIP-SSM, 4GE-SSM |
CSC-SSM, AIP-SSM, 4GE-SSM |
No |
| Intrusion Prevention |
Not available |
Yes (with AIP-SSM) |
Yes (with AIP-SSM) |
Yes (with AIP-SSM) |
No |
| Concurrent threat mitigation throughput (Mbps) (firewall + IPS services) |
Not available |
150 (with AIP-SSM-10)
300 (with AIP-SSM-20) |
225 (with AIP-SSM-10)
375 (with AIP-SSM-20) |
450 (with AIP-SSM-20) |
Not available |
| Anti-X (anti-virus, anti-spyware, file blocking, anti-spam, anti-phishing, and URL filtering) |
Not available |
Yes (with CSC-SSM) |
Yes (with CSC-SSM) |
Yes (with CSC-SSM) |
Not available |
| Maximum number of users for anti-virus, anti-spyware, file blocking (CSC-SSM only) |
Not available |
500 (CSC-SSM-10)
1000 (CSC-SSM-20) |
500 (CSC-SSM-10)
1000 (CSC-SSM-20) |
500 (CSC-SSM-10)
1000 (CSC-SSM-20) |
Not available |
| CSC SSM Plus License features |
Not available |
Anti-spam, anti-phishing, URL filtering |
Anti-spam, anti-phishing, URL filtering |
Anti-spam, anti-phishing, URL filtering |
Not available |
| Features |
|
| Application-layer security |
Yes |
Yes |
Yes |
Yes |
Yes |
| Layer 2 transparent firewalling |
Yes |
Yes |
Yes |
Yes |
Yes |
| Security contexts (included/maximum)3 |
0/0 |
0/0 / 2/5 |
2/20 |
2/50 |
2/50 |
| GTP/GPRS inspection3 |
Not available |
Not available |
Yes |
Yes |
Yes |
| High availability support4 |
Not supported / Stateless A/S |
Not supported / A/A and A/S |
A/A and A/S |
A/A and A/S |
A/A and A/S |
| IPSec and WebVPN services |
Yes |
Yes |
Yes |
Yes |
Yes |
| VPN clustering and load balancing |
Not available |
Not available |
Yes |
Yes |
Yes |
|
1 Beginning with Cisco ASA Software v7.1, SSL VPN (Web VPN) capability requires a license. Systems include 2 SSL VPN users by default for evaluation and remote management purposes
2 Dedicated out-of-band (OOB) management port (a Cisco ASA 5510 Adaptive Security Appliance with the security+ license or higher model is required to make this interface route traffic)
3 Licensed features
4 A/S = Active/Standby; A/A = Active/Active |