Cisco ASA 5505 User Manual

Page 137

Advertising
background image

3-17

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 3 Managing Feature Licenses

Supported Feature Licenses Per Model

AnyConnect for Mobile

This license provides access to the AnyConnect Client for touch-screen mobile devices running
Windows Mobile 5.0, 6.0, and 6.1. We recommend using this license if you want to support
mobile access to AnyConnect 2.3 and later versions. This license requires activation of one of the
following licenses to specify the total number of SSL VPN sessions permitted: AnyConnect
Essentials or AnyConnect Premium.

Mobile Posture Support

Enforcing remote access controls and gathering posture data from mobile devices requires an
AnyConnect Mobile license and either an AnyConnect Essentials or AnyConnect Premium
license to be installed on the ASA. Here is the functionality you receive based on the license you
install.

AnyConnect Premium License Functionality

Enforce DAP policies on supported mobile devices based on DAP attributes and any
other existing endpoint attributes. This includes allowing or denying remote access from
a mobile device.

AnyConnect Essentials License Functionality

Enable or disable mobile device access on a per group basis and to configure that feature
using ASDM.

Display information about connected mobile devices via CLI or ASDM without having
the ability to enforce DAP policies or deny or allow remote access to those mobile
devices.

AnyConnect Premium

AnyConnect Premium sessions include the following VPN types:

SSL VPN

Clientless SSL VPN

IPsec remote access VPN using IKEv2

AnyConnect Premium
Shared

A shared license lets the ASA act as a shared license server for multiple client ASAs. The shared
license pool is large, but the maximum number of sessions used by each individual ASA cannot
exceed the maximum number listed for permanent licenses.

Botnet Traffic Filter

Requires a Strong Encryption (3DES/AES) License to download the dynamic database.

Encryption

The DES license cannot be disabled. If you have the 3DES license installed, DES is still available.
To prevent the use of DES when you want to only use strong encryption, be sure to configure any
relevant commands to use only string encryption.

Failover, Active/Active

You cannot use Active/Active failover and VPN; if you want to use VPN, use Active/Standby
failover.

Table 3-15

License Notes (continued)

License

Notes

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals