Cisco Systems OL-16647-01

2-6

Cisco ASDM User Guide

OL-16647-01

Chapter 2 Introduction to the Security Appliance

New Features by Platform Release

Table 2-3 lists the new features for Version 8.0(4).

Table 2-3 New Features for ASA and PIX Version 8.0(4)

Feature Description

Unified Communications Features1

Phone Proxy Phone Proxy functionality is supported. ASA Phone Proxy provides similar features to those of the

Metreos Cisco Unified Phone Proxy with additional support for SIP inspection and enhanced

security. The ASA Phone Proxy has the following key features:

• Secures remote IP phones by forcing the phones to encrypt signaling and media

• Performs certificate-based authentication with remote IP phones

• Terminates TLS signaling from IP phones and initiates TCP and TLS to Cisco Unified Mobility

Advantage servers

• Terminates SRTP and initiates RTP/SRTP to the called party

In ASDM, see Configuration > Firewall > Advanced > Encrypted Traffic Inspection > Enable

Phone Proxy.

Mobility Proxy Secure connectivity (mobility proxy) between Cisco Unified Mobility Advantage clients and

servers is supported.

Cisco Unified Mobility Advantage solutions include the Cisco Unified Mobile Communicator, an

easy-to-use software application for mobile handsets that extends enterprise communications

applications and services to mobile phones and smart phones and the Cisco Unified Mobility

Advantage server. The mobility solution streamlines the communication experience, enabling

real-time collaboration across the enterprise.

The ASA in this solution delivers inspection for the MMP (formerly called OLWP) protocol, the

proprietary protocol between Cisco Unified Mobile Communicator and Cisco Unified Mobility

Advantage. The ASA also acts as a TLS proxy, terminating and reoriginating the TLS signaling

between the Cisco Unified Mobile Communicator and Cisco Unified Mobility Advantage.

In ASDM, see Configuration > Firewall > Advanced > Encrypted Traffic Inspection > TLS Proxy.

Presence Federation

Proxy

Secure connectivity (presence federation proxy) between Cisco Unified Presence servers and

Cisco/Microsoft Presence servers is supported. With the Presence solution, businesses can securely

connect their Cisco Unified Presence clients back to their enterprise networks, or share Presence

information between Presence servers in different enterprises.

The ASA delivers functionality to enable Presence for Internet and intra-enterprise

communications. An SSL-enabled Cisco Unified Presence client can establish an SSL connection

to the Presence Server. The ASA enables SSL connectivity between server to server

communication including third-party Presence servers communicating with Cisco Unified

Presence servers. Enterprises share Presence information, and can use IM applications. The ASA

inspects SIP messages between the servers.

In ASDM, see Configuration > Firewall > Service Policy Rules > Add/Edit Service Policy Rule >

Rule Actions > Protocol Inspection or Configuration > Firewall > Advanced > Encrypted Traffic

Inspection > TLS Proxy > Add > Client Configuration.

Remote Access Features