Cisco ASA on PC? It is possible!
Recently I came across a resource (cautiously, there is an underscore in the site name!) , The creators of which quite successfully transferred the Cisco ASA 5500 functionality to a regular PC.
It's no secret that Cisco ASA is inherently linux-based and quite x86-compatible. Apparently, this fact caused violent fantasies about the opening opportunities for many geeks, and finally, in 2008, a group of enthusiasts presented the world with the first Cisco ASA installation image. Since then, the project continues to exist and releases new releases.
A brief description of the capabilities of the resulting product under the cut.
The image can be run both in a virtual environment and on real hardware. Equipment requirements are as follows:
The resulting design is well suited for testing, teaching, and preparing for Cisco exams. With a certain recklessness, it is quite possible to use in battle, as evidenced by the results of the throughput tests listed on the site. A brief excerpt of them is attached:
NAT TCP
NAT UDP
WebVPN (traffic from the client, without IPSEC)
PS In the near future I plan to describe my own experience of emulating a Cisco IPS scheme using qemu / dinagen. As it turned out, it is quite feasible.
It's no secret that Cisco ASA is inherently linux-based and quite x86-compatible. Apparently, this fact caused violent fantasies about the opening opportunities for many geeks, and finally, in 2008, a group of enthusiasts presented the world with the first Cisco ASA installation image. Since then, the project continues to exist and releases new releases.
A brief description of the capabilities of the resulting product under the cut.
The image can be run both in a virtual environment and on real hardware. Equipment requirements are as follows:
- not less than 256MB RAM
- at least 110MB HD
- network cards Intel Pro / 100, Intel Pro / 1000, AMD PCNET32
- cdrom
The resulting design is well suited for testing, teaching, and preparing for Cisco exams. With a certain recklessness, it is quite possible to use in battle, as evidenced by the results of the throughput tests listed on the site. A brief excerpt of them is attached:
Test equipment:
- PIII 500 slot 1 CPU
- 256M sdram, pc100
- intel 82558b NIC (2 ports)
- intel 82559 nic
Results:
NAT TCP
NAT UDP
WebVPN (traffic from the client, without IPSEC)
PS In the near future I plan to describe my own experience of emulating a Cisco IPS scheme using qemu / dinagen. As it turned out, it is quite feasible.
')
Source: https://habr.com/ru/post/93233/
All Articles