Support User Manuals

Cisco Systems ASA 5585-X Network Router User Manual

Open as PDF

of 2086

1-6

Cisco ASA 5500 Series Configuration Guide using ASDM

Chapter 1 Introduction to the Cisco ASA 5500 Series

New Features

Table 1-3 New Features for ASA Version 8.4(4.1)/ASDM Version 6.4(9)

Feature Description

Certification Features

FIPS and Common Criteria

certifications

The FIPS 140-2 Non-Proprietary Security Policy was updated as part of the Level 2 FIPS 140-2

validation for the Cisco ASA 5500 series adaptive security appliances, which includes the

Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, and ASA 5585-X.

The Common Criteria Evaluation Assurance Level 4 (EAL4) was updated, which provides the

basis for a specific Target of Evaluation (TOE) of the Cisco ASA and VPN platform solutions.

This feature is not available in 8.5(1) or 8.6(1).

Remote Access Features

Clientless SSL VPN:

Enhanced quality for

rewriter engines

The clientless SSL VPN rewriter engines were significantly improved to provide better quality

and efficacy. As a result, you can expect a better end-user experience for clientless SSL VPN

users.

We did not add or modify any ASDM screens for this feature.

This feature is not available in 8.5(1) or 8.6(1).

Authentication and Encryption Features

Support for password policy,

password change, and SSH

public key authentication

The ASA enables administrators with the necessary privileges to do the following for users in

the current context: modify password policy, change passwords, and authenticate using an SSH

public key.

We introduced the following screens:

Configuration > Device Management > Users/AAA > Password Policy

Configuration > Device Management > Users/AAA > Change Password

Configuration > Device Management > Users/AAA > User Accounts > Edit User Account >

Public Key Authentication.

This feature is not available in 8.5(1) or 8.6(1).

Support for maximum

number of management

sessions allowed and

Diffie-Hellman Key

Exchange Group 14 support

for SSH

The maximum number of simultaneous ASDM, SSH, and Telnet sessions allowed was added.

Support for Diffie-Hellman Key Exchange Group 14 for SSH was added.

We introduced or modified the following screens:

Configuration > Device Management > Management Access > Management Session Quota

Configuration > Device Management > Management Access > ASDM/HTTPS/Telnet/SSH.

This feature is not available in 8.5(1) or 8.6(1).

previous next