In computer networking, Cisco ASA 5500 Series Adaptive Security Appliances, or simply Cisco ASA, is Cisco's line of network security devices introduced in May 2005.^[1] It succeeded three existing lines of popular Cisco products:

• Cisco PIX, which provided firewall and network address translation (NAT) functions, ended its sale on July 28, 2008.^[2]
• Cisco's IPS 4200 Series worked as intrusion prevention systems (IPS).
• Cisco VPN 3000 Series Concentrators, which provided virtual private networking (VPN).

The Cisco ASA is a unified threat management device, combining several network security functions in one box.^[3]

Cisco ASA has become one of the most widely used firewall/VPN solutions for small to medium businesses. Early reviews indicated the Cisco GUI tools for managing the device were lacking.^[4]

A security flaw was identified when users customized the Clientless SSL VPN option of their ASA's but was rectified in 2015.^[5] Another flaw in a WebVPN feature was fixed in 2018.^[6]

In 2017 The Shadow Brokers revealed the existence of two privilege escalation exploits against the ASA called EPICBANANA^[7] and EXTRABACON.^[8][9] A code insertion implant called BANANAGLEE, was made persistent by JETPLOW.^[10]

The 5506W-X has a WiFi point included.

The ASA software is based on Linux. It runs a single Executable and Linkable Format program called lina. This schedules processes internally rather than using the Linux facilities.^[11] In the boot sequence a boot loader called ROMMON (ROM monitor) starts, loads a Linux kernel, which then loads the lina_monitor, which then loads lina. The ROMMON also has a command line that can be used to load or select other software images and configurations. The names of firmware files includes a version indicator, -smp means it is for a symmetrical multiprocessor (and 64 bit architecture), and different parts also indicate if 3DES or AES is supported or not.^[11]

The ASA software has a similar interface to the Cisco IOS software on routers. There is a command line interface (CLI) that can be used to query operate or configure the device. In config mode the configuration statements are entered. The configuration is initially in memory as a running-config but would normally be saved to flash memory.^[11]

The 5512-X, 5515-X, 5525-X, 5545-X and 5555-X can have an extra interface card added.^[13]

The 5585-X has options for SSP. SSP stands for security services processor.^[14] These range in processing power by a factor of 10, from SSP-10 SSP-20, SSP-40 and SSP-60. The ASA 5585-X has a slot for an I/O module. This slot can be subdivided into two half width modules.^[15]

On the low end models, some features are limited, and uncrippling happens with installation of a Security Plus License. This enables more VLANs, or VPN peers, and also high availability.^[13] Cisco AnyConnect is an extra licensable feature which operates IPSec or SSL tunnels to clients on PCs, iPhones or iPads.^[16]

The 5505 introduced in 2010 was a desktop unit designed for small enterprises or branch offices. It included features to reduce the need for other equipment, such as an inbuilt switch, and power over Ethernet ports.^[17] The 5585-X is a higher powered unit for datacenters introduced in 2010.^[18] It runs in 32 bit mode on an Intel architecture Atom chip.^[11]

Cisco determined that most of the low end devices had too little capacity to include the features needed, such as anti-virus, or sandboxing, and so introduced a new line called next generation firewall. These run in 64 bit mode.^[11]

Models as of 2018.^[13]