Zengraft V. Grimes
Abstract
This project describes the implementation of the Cisco Adaptive Security Appliance (ASA) in a Small-Medium Business (SMB) environment. The Cisco ASA 5500 Series ASA is a comprehensive security solution. The Appliance provides vulnerabilities protection, stateful inspection firewall, Virtual Private Network (VPN) functionality, routing, and other services all within one device. For these reasons, the Cisco ASA is one of the most well known network security solutions implemented by businesses.
The main purpose of this research project is to build upon existing knowledge of Cisco equipment, and specifically focus on the design and implementation of the Cisco ASA features of threat prevention, VPN, application inspections, and routing services within a SMB environment. In addition, this research project examines some of the management, monitoring, and troubleshooting options provides by the Cisco ASA. Furthermore, to demonstrate the Cisco ASA functionality in a SMB environment, Directory Services, Domain Services, Dynamic-Host Configuration Protocol (DHCP), and Voice-over Internet Protocol (VOIP) service are implemented as part of the network architecture.
The network topology design for this project includes a headquarters office, one branch office, and a telecommuting staff. Two different models from the Cisco 5500 series ASA product family are used to implement this topology. The Cisco 5510 series ASA is located at the headquarters office and the Cisco 5505 series ASA at the branch office. The two offices are connected using a secure link via the public internet. In addition, the SMB enterprise network includes a Windows Server 2008 domain controller, an open source VOIP gateway, Cisco Catalyst Switches and Cisco VOIP telephones.