Cisco ASA
Firewall
VMware Aria
Operations for Networks
supports Cisco ASA
firewall. The features for Cisco ASA firewall are as
follows:
- VMware Aria Operations for Networkssupports only Cisco ASA-X series.
- VMware Aria Operations for Networksdoes not support Firepower modules.
- Currently,VMware Aria Operations for Networkssupports Cisco ASA operating system version 9.4.
- VMware Aria Operations for Networksdoes not support the cluster deployment of Cisco ASA.
- VMware Aria Operations for Networksdoes not support the high availability of Cisco ASA.
- VMware Aria Operations for Networksdoes not support Cisco ASA if it is directly connected to the host. A topology that is similar to the following example is supported:
- Cisco ASA access rules of onlyExtendedtype are supported. Other access rule types likeStandard,WebType,EtherType, and so on are not supported.
- The Cisco ASA firewall in the VM-to-VM path does not display applicable access rules if the firewall is configured in theTransparentmode.
You can perform a query for all the Cisco ASA entities
that are supported by
VMware Aria
Operations for Networks
.
Entities in Cisco ASA | Keywords | Sample Queries |
|---|---|---|
Security Context | ASA Firewall ASA Security Context
| asa firewall
where access group = <> |
Access Rule | ASA Access Rule | asa access
rule where source ip = <> asa access
rule where destination ip = '192.168.2.2' asa access rule where port = <> asa access rule where interface = <> |
Access Group | ASA Access Group
| asa access
group where interface = <> |
Network Object / Network Object Group | ASA Network Object ASA Network Object
Group | asa network
object where ip address = <> asa network
object group where ip address = <> |
Service Object / Service Object Group | ASA Service Object ASA Service Object
Group | asa service object where port = <> asa service where protocol = <> asa service object group |