1-9
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance
New Features
Usability Improvements for
Remote Access VPN
ASDM provides a step-by-step guide to configuring Clientless SSL VPN, AnyConnect SSL
VPN Remote Access, or IPsec Remote Access using the ASDM Assistant. The ASDM
Assistant is more comprehensive than the VPN wizards, which are designed only to get you up
and running.
The following screen was modified: Configuration > Remote Access VPN > Introduction >
ASDM Assistant.
Firewall Features
Interface-Independent
Access Policies
You can now configure access rules that are applied globally, as well as access rules that are
applied to an interface. If the configuration specifies both a global access policy and
interface-specific access policies, the interface-specific policies are evaluated before the global
policy.
The following screen was modified: Configuration > Firewall > Access Rules.
Network and Service
Objects
You can now create named network objects that you can use in place of a host, a subnet, or a
range of IP addresses in your configuration and named service objects that you can use in place
of a protocol and port in your configuration. You can then change the object definition in one
place, without having to change any other part of your configuration. This release introduces
support for network and service objects in the following features:
• NAT
• Access rules
• Network object groups
Note ASDM used network objects internally in previous releases; this feature introduces
platform support for network objects.
The following screens were modified or introduced:
Configuration > Firewall > Objects > Network Objects/Groups, Configuration > Firewall >
Objects > Service Objects/Groups
Configuration > Firewall > NAT Rules, Configuration > Firewall > Access Rules
Object-group Expansion
Rule Reduction
Significantly reduces the network object-group expansion while maintaining a satisfactory
level of packet classification performance.
The following screen was modified: Configuration > Firewall > Access Rules > Advanced.
NAT Simplification The NAT configuration was completely redesigned to allow greater flexibility and ease of use.
You can now configure NAT using auto NAT, where you configure NAT as part of the attributes
of a network object, and manual NAT, where you can configure more advanced NAT options.
The following screens were modified or introduced:
Configuration > Firewall > Objects > Network Objects/Group
Configuration > Firewall > NAT Rules
Table 1-4 New Features for ASDM Version 6.3(1)/ASA Version 8.3(1) (Unless Otherwise Noted) (continued)
Feature Description
To Next Page
Loading...
Need help?
General
