Cisco Adaptive Security Virtual Appliance (ASAv) Quick Start Guide, 9.2

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: July 1, 2014

Introduction to the Cisco ASAv

The Cisco Adaptive Security Virtual Appliance (ASAv) brings full firewall functionality to virtualized environments to secure data center traffic and multi-tenant environments.

You can manage and monitor the ASAv using ASDM or CLI. Other management options may be available.

Prerequisites for the ASAv

For hypervisor support, see Cisco ASA Compatibility :

http://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html

Guidelines for the ASAv

Context Mode Guidelines

Supported in single context mode only. Does not support multiple context mode.

Failover Guidelines

For failover deployments, make sure that the standby unit has the same model license; for example, both units should be ASAv30s.

Unsupported ASA Features

The ASAv does not support the following ASA features:

Clustering
Multiple context mode
Active/Active failover
EtherChannels
Shared AnyConnect Premium Licenses

Licensing for the ASAv

Model	License Requirement
ASAv10	Standard license: 2 SSL VPN sessions. Premium license: 250 SSL VPN sessions, Advanced Endpoint Assessment, AnyConnect for Cisco VPN Phone, AnyConnect for Mobile. See the following specifications: 1 Virtual CPU 2 GB RAM vCPU Frequency Limit of 5000 MHz 100,000 concurrent firewall connections
ASAv30	Standard license: 2 SSL VPN sessions. Premium license: 750 SSL VPN sessions, Advanced Endpoint Assessment, AnyConnect for Cisco VPN Phone, AnyConnect for Mobile. See the following specifications: 4 Virtual CPUs 8 GB RAM vCPU Frequency Limit of 20000 MHz 500,000 concurrent firewall connections Note: If you apply an ASAv30 license, but choose to deploy 2 or 3 vCPUs, then see the following values: 2 Virtual CPUs—4 GB RAM, vCPU Frequency Limit of 10000 MHz, 250,000 concurrent firewall connections. 3 Virtual CPUs—4 GB RAM, vCPU Frequency Limit of 15000 MHz, 350,000 concurrent firewall connections.

Model

License Requirement

ASAv10

Standard license: 2 SSL VPN sessions.
Premium license: 250 SSL VPN sessions, Advanced Endpoint Assessment, AnyConnect for Cisco VPN Phone, AnyConnect for Mobile.

See the following specifications:

1 Virtual CPU
2 GB RAM
vCPU Frequency Limit of 5000 MHz
100,000 concurrent firewall connections

ASAv30

Standard license: 2 SSL VPN sessions.
Premium license: 750 SSL VPN sessions, Advanced Endpoint Assessment, AnyConnect for Cisco VPN Phone, AnyConnect for Mobile.

See the following specifications:

4 Virtual CPUs
8 GB RAM
vCPU Frequency Limit of 20000 MHz
500,000 concurrent firewall connections

Note: If you apply an ASAv30 license, but choose to deploy 2 or 3 vCPUs, then see the following values:

2 Virtual CPUs—4 GB RAM, vCPU Frequency Limit of 10000 MHz, 250,000 concurrent firewall connections.

3 Virtual CPUs—4 GB RAM, vCPU Frequency Limit of 15000 MHz, 350,000 concurrent firewall connections.

Note: You must install a model license on the ASAv. Until you install a license, throughput is limited to 100 Kbps so you can perform preliminary connectivity tests. A model license is required for regular operation.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)