Name: Cisco ASA 5506-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

5-10

Cisco ASA Series Firewall CLI Configuration Guide

Chapter 5 Identity Firewall

Configure the Identity Firewall

• Before configuring the Active Directory server on the ASA, create a user account in Active

Directory for the ASA.

• Additionally, the ASA sends encrypted log-in information to the Active Directory server by using

SSL enabled over LDAP. SSL must be enabled on the Active Directory server. See the

documentation for Microsoft Active Directory for how to enable SSL for Active Directory.

Note Before running the AD Agent Installer, you must install the patches listed in the README First for the

Cisco Active Directory Agent on each Microsoft Active Directory server that the AD Agent monitors.

These patches are required even when the AD Agent is installed directly on the domain controller server.

Configure the Identity Firewall

To configure the Identity Firewall, perform the following tasks:

Step 1 Configure the Active Directory domain in the ASA.

See Configure the Active Directory Domain, page 5-10.

See also Deployment Scenarios, page 5-4 for the ways in which you can deploy the Active Directory

servers to meet your environment requirements.

Step 2 Configure the AD Agent in ASA.

See Configure Active Directory Agents, page 5-13.

See also Deployment Scenarios, page 5-4 for the ways in which you can deploy the AD Agents to meet

your environment requirements.

Step 3 Configure Identity Options.

See Configure Identity Options, page 5-14.

Step 4 Configure Identity-based Security Policy. After the AD domain and AD Agent are configured, you can

create identity-based object groups and ACLs for use in many features.

See Configure Identity-Based Security Policy, page 5-18.

Configure the Active Directory Domain

Active Directory domain configuration on the ASA is required for the ASA to download Active

Directory groups and accept user identities from specific domains when receiving IP-user mapping from

the AD Agent.

Before You Begin

• Active Directory server IP address

• Distinguished Name for LDAP base DN

• Distinguished Name and password for the Active Directory user that the Identity Firewall uses to

connect to the Active Directory domain controller

Other manuals for Cisco ASA 5506-X

Quick Start Guide14 pages

Easy Setup Guide11 pages

Installation Guide46 pages

Software Guide37 pages

Hardware Installation Guide52 pages

Mount And Connect12 pages

Mount The Chassis10 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco ASA 5506-X and is the answer not in the manual?

Cisco ASA 5506-X Specifications

General

Model	ASA 5506-X
Firewall Throughput	750 Mbps
Maximum Firewall Connections	50, 000
Maximum VPN Peers	50
Integrated Ports	8 x 1 GE
Stateful Inspection Throughput	750 Mbps
Weight	4.4 lb (2 kg)
Firewall Throughput (Multiprotocol)	750 Mbps
Firewall Throughput (Application Visibility and Control AVC)	250 Mbps
Concurrent Sessions	50, 000
New Connections per Second	10, 000
IPsec VPN Throughput	100 Mbps
Interfaces	8 x 1 GE
Memory	4 GB
Flash Memory	8 GB
Form Factor	Desktop
VPN Throughput	100 Mbps
Maximum Concurrent Sessions	50, 000
New Sessions per Second	10, 000
Operating Temperature	32 to 104°F (0 to 40°C)
Storage Temperature	-13 to 158°F (-25 to 70°C)
Power Supply	External
Humidity	10% to 90% non-condensing