Cisco’s AnyConnect Secure Mobility Solution

Cisco‘s (CSCO) AnyConnect Secure Mobility Solution is a two-box enterprise play that poses some problems for small and mid-sized businesses.

The Adaptive Security Appliance (ASA) piece of the puzzle delivers firewall and VPN, but not the other security features found in an integrated unified threat management (UTM) device. For example, content scanning for malware requires an add-in hardware module and a subscription, as does intrusion prevention.

The problem is that you can only put a single add-in hardware module in any of the appliances, so you have to pick whether you want intrusion-prevention system or anti-malware in your VPN gateway, rather than having the ability to use both as most other UTM firewalls allow.

When the ASA is acting as a firewall, picking one or the other makes sense, because you usually leave anti-malware to end-point software and an anti-spam gateway. When the ASA is acting as a VPN concentrator, however, having both protections is a very attractive defense-in-depth strategy, but the ASA doesn’t allow you to do that directly.

In an enterprise environment, Cisco solves this problem by recommending the second box, the full-feature IronPort S-series Web security appliance.

However, the two-box solution could have a side effect of pushing Cisco remote access out of the price range and complexity level appropriate for many small business networks.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.