Cisco Systems ASA 5510

Accessing the InterScan components from the ASDM fires up Trend's own separate administrative interface where you can set up scanning rules for mail, web browser and FTP traffic. Separate sections are provided for POP3 and SMTP traffic so can create different policies for inbound and outbound mail. Infected attachments can be cleaned, moved or deleted and you can set InterScan to keep an eye out for keywords in email subject lines and message content. There's little that needs to be done with the anti-spam component as you simply choose from three levels of scanning intensity and set up black and white sender lists. For web traffic you can use basic URL blocking lists but you also get hosted content filtering services which are accessed and configured from the InterScan interface.

All IPS features are also accessed from a separate interface. Using the Cisco IDM (intrusion detection manager) utility you need to set up sensors and define interfaces which can operate either in promiscuous or in-line mode when analysing traffic. The former effectively provides a passive monitor that cannot directly intervene when an attack is detected whilst the latter offers up to Layer 7 packet analysis and can actively block attacks.

Plenty of wizards make light work of creating site-to-site and mobile client IPsec VPNs and for SSL VPNs a separate section is provided for accessing the CSD (Cisco secure desktop) manager. Remote users access the appliance by running Cisco's WebVPN software and profiles determine what network resources they are allowed to access and how their PC or laptop is cleaned up after their SSL VPN sessions have ended.

The ASA 5510 certainly has the ability to deliver a comprehensive range of security measures and the extensive upgrade options on offer make it a highly versatile UTM appliance. The sheer number of features means it will take a while to customise to suit but the new management interface does provide good access to the various functions along with plenty of assistance.