Cisco Systems ASA 5510, ASA 5512-X, ASA 5515-X, ASA 5520, ASA 5525-X, ASA 5540, ASA 5545-X, ASA 5550, ASA 5555-X, ASA 5580, ASA 5585-X, ASA 5505

Cisco ASA 5500 Series Configuration Guide using ASDM

Chapter1 Introduction to the Cisco ASA 5500 Series

New Features

Phone Proxy addition to

Unified Communication

The Unified Communications wizard guides you through the complete configuration and

automatically configures required aspects for the Phone Proxy. The wizard automatically

creates the necessary TLS proxy, then guides you through creating the Phone Proxy instance,

importing and installing the required certificates, and finally enables the SIP and SCCP

inspection for the Phone Proxy traffic automatically.

We modified the following screens:

Wizards > Unified Communications Wizard.

Configuration > Firewall > Unified Communications.

UC Protocol Inspection

Enhancements

SIP Inspection and SCCP Inspection are enhanced to support new features in the Unified

Communications Solutions; such as, SCCP v2.0 support, support for GETPORT messages in

SCCP Inspection, SDP field support in INVITE messages with SIP Inspection, and QSIG

tunneling over SIP. Additionally, the Cisco Intercompany Media Engine supports Cisco RT

Lite phones and third-party video endpoints (such as, Tandberg).

We did not modify any screens.

Inspection Features

DCERPC Enhancement DCERPC Inspection was enhanced to support inspection of RemoteCreateInstance RPC

We did not modify any screens.

Troubleshooting and Monitoring Features

SNMP traps and MIBs Supports the following additional keywords: connection-limit-reached, entity

cpu-temperature, cpu threshold rising, entity fan-failure, entity power-supply,

ikev2stop | start, interface-threshold, memory-threshold, nat packet-discard, warmstart.

The entPhysicalTable reports entries for sensors, fans, power supplies, and related components.

Supports the following additional MIBs: ENTITY-SENSOR-MIB,

CISCO-ENTITY-SENSOR-EXT-MIB, CISCO-ENTITY-FRU-CONTROL-MIB,

CISCO-PROCESS-MIB, CISCO-ENHANCED-MEMPOOL-MIB,

CISCO-L4L7MODULE-RESOURCE-LIMIT-MIB, NAT-MIB, EVENT-MIB,

EXPRESSION-MIB

Supports the following additional traps: warmstart, cpmCPURisingThreshold,

mteTriggerFired, cirResourceLimitReached, natPacketDiscard,

ciscoEntSensorExtThresholdNotification.

We modified the following screen: Configuration > Device Management > Management

Access > SNMP.

TCP Ping Enhancement TCP ping allows users whose ICMP echo requests are blocked to check connectivity over TCP.

With the TCP ping enhancement you can specify a source IP address and a port and source

interface to send pings to a hostname or an IPv4 address.

We modified the following screen: Tools > Ping.

Show Top CPU Processes You can now monitor the processes that run on the CPU to obtain information related to the

percentage of the CPU used by any given process. You can also see information about the load

on the CPU, broken down per process, at 5 minutes, 1 minute, and 5 seconds prior to the log

time. Information is updated automatically every 5 seconds to provide real-time statistics, and

a refresh button in the pane allows a manual data refresh at any time.

We introduced the following screen: Monitoring > Properties > CPU - Per Process.

Table1-6 New Features for ASA Version 8.4(1)/ASDM Version 6.4(1) (continued)

Feature Description

Contents

Cisco Systems - page 95

Models: ASA 5510 ASA 5512-X ASA 5515-X ASA 5520 ASA 5525-X ASA 5540 ASA 5545-X ASA 5550 ASA 5555-X ASA 5580 ASA 5585-X ASA 5505