Cisco ASDM, Version 6.2, for ASA and PIX

can i use this with cisco catalyst 3350 series?

ASDm

ASDm is required to configure ASA from GUI

For Catalyst you need to use Cisco Network Assistant if you want GUI although web access gives you almost the same overview

hope the files will gonna work

My current version of ASDM does not support the Java's V7.
Hope this will

Thanks a lot

Is there any reason to use ASDM 6.2(5) over 6.2(1)?

New Features for ASA Version 8.2(2)/ASDM Version 6.2(5)

Feature
Description
Remote Access Features
Scalable Solutions for Waiting-to-Resume VPN Sessions

An administrator can now keep track of the number of users in the active state and can look at the statistics. The sessions that have been inactive for the longest time are marked as idle (and are automatically logged off) so that license capacity is not reached and new users can log in.

The following screen was modified: Monitoring > VPN > VPN Statistics > Sessions.

Also available in Version 8.0(5).

Application Inspection Features
Inspection for IP Options

You can now control which IP packets with specific IP options should be allowed through the adaptive security appliance. You can also clear IP options from an IP packet, and then allow it through the adaptive security appliance. Previously, all IP options were denied by default, except for some special cases.

Note This inspection is enabled by default. Therefore, the adaptive security appliance allows RSVP traffic that contains packets with the Router Alert option (option 20) when the adaptive security appliance is in routed mode.

The following screens were introduced:

Configuration > Firewall > Objects > Inspect Maps > IP-Options
Configuration > Firewall > Service Policy > Add/Edit Service Policy Rule > Rule Actions > Protocol Inspection

Enabling Call Set up Between H.323 Endpoints
You can enable call setup between H.323 endpoints when the Gatekeeper is inside the network. The adaptive security appliance includes options to open pinholes for calls based on the RegistrationRequest/RegistrationConfirm (RRQ/RCF) messages.

Because these RRQ/RCF messages are sent to and from the Gatekeeper, the calling endpoint IP address is unknown and the adaptive security appliance opens a pinhole through source IP address/port 0/0. By default, this option is disabled.

The following screen was modified: Configuration > Firewall > Objects > Inspect Maps > H.323 > Details > State Checking.

Also available in Version 8.0(5).

Unified Communication Features
Mobility Proxy application no longer requires Unified Communications Proxy license

The Mobility Proxy no longer requires the UC Proxy license.

Interface Features
In multiple context mode, auto-generated MAC addresses now use a user-configurable prefix, and other enhancements

The MAC address format was changed to allow use of a prefix, to use a fixed starting value (A2), and to use a different scheme for the primary and secondary unit MAC addresses in a failover pair.

The MAC addresess are also now persistent accross reloads.

The command parser now checks if auto-generation is enabled; if you want to also manually assign a MAC address, you cannot start the manual MAC address with A2.

The following screen was modified: Configuration > Context Management > Security Contexts.

Also available in Version 8.0(5).

Support for Pause Frames for Flow Control on the ASA 5580 10 Gigabit Ethernet Interfaces

You can now enable pause (XOFF) frames for flow control.

The following screens were modified:

(Single Mode) Configuration > Device Setup > Interfaces > Add/Edit Interface > General
(Multiple Mode, System) Configuration > Interfaces > Add/Edit Interface

Firewall Features
Botnet Traffic Filter Enhancements

The Botnet Traffic Filter now supports automatic blocking of blacklisted traffic based on the threat level. You can also view the category and threat level of malware sites in statistics and reports. Reporting was enhanced to show infected hosts. The 1 hour timeout for reports for top hosts was removed; there is now no timeout.

The following screens were introduced or modified:

Configuration > Firewall > Botnet Traffic Filter > Traffic Settings
Monitoring > Botnet Traffic Filter > Infected Hosts

Connection timeouts for all protocols

The idle timeout was changed to apply to all protocols, not just TCP.

The following screen was modified: Configuration > Firewall > Service Policies > Rule Actions > Connection Settings.

Routing Features
DHCP RFC compatibility (rfc3011, rfc3527) to resolve routing issues

This enhancement introduces adaptive security appliance support for DHCP RFCs 3011 (The IPv4 Subnet Selection Option) and 3527 (Link Selection Sub-option for the Relay Agent Information Option). For each DHCP server configured for VPN clients, you can now configure the adaptive security appliance to send the Subnet Selection option or the Link Selection option.

The following screen was modified: Remote Access VPN > Network Access > IPsec connection profiles > Add/Edit.

Also available in Version 8.0(5).

High Availablility Features
IPv6 Support in Failover Configurations

IPv6 is now supported in failover configurations. You can assign active and standby IPv6 addresses to interfaces and use IPv6 addresses for the failover and Stateful Failover interfaces.

The following screens were modified:

Configuration > Device Management > High Availability > Failover > Setup
Configuration > Device Management > High Availability > Failover > Interfaces
Configuration > Device Management > High Availability > HA/Scalability Wizard

No notifications when interfaces are brought up or brought down during a switchover event

To distinguish between link up/down transitions during normal operation from link up/down transitions during failover, no link up/link down traps are sent during a failover. Also, no syslog messages about link up/down transitions during failover are sent.

Also available in Version 8.0(5).

AAA Features
100 AAA Server Groups

You can now configure up to 100 AAA server groups; the previous limit was 15 server groups.

The following screen was modified: Configuration > Device Management > Users/AAA > AAA Server Groups.

Monitoring Features
Smart Call Home

Smart Call Home offers proactive diagnostics and real-time alerts on the adaptive security appliance and provides higher network availability and increased operational efficiency. Customers and TAC engineers get what they need to resolve problems quickly when an issue is detected.

Note Smart Call Home server Version 3.0(1) has limited support for the adaptive security appliance. See the "Important Notes" for more information.

The following screen was introduced: Configuration> Device Management> Smart Call Home.


New Features in ASDM 6.2(3)/ASA 8.0(5)

Released: November 3, 2009
Hi

Table 3 lists the new features for ASA Version 8.0(5)/ASDM Version 6.2(3).


Note Version 8.0(5) is not supported on the PIX security appliance.
Table 3 New Features for ASA Version 8.0(5)/ASDM Version 6.2(3)

Feature
Description
Remote Access Features
Scalable Solutions for Waiting-to-Resume VPN Sessions

An administrator can now keep track of the number of users in the active state and can look at the statistics. The sessions that have been inactive for the longest time are marked as idle (and are automatically logged off) so that license capacity is not reached and new users can log in

The following ASDM screen was modified: Monitoring > VPN > VPN Statistics > Sessions.

Also available in Version 8.2(2).

Application Inspection Features
Enabling Call Set up Between H.323 Endpoints
You can enable call setup between H.323 endpoints when the Gatekeeper is inside the network. The adaptive security appliance includes options to open pinholes for calls based on the RegistrationRequest/RegistrationConfirm (RRQ/RCF) messages.

Because these RRQ/RCF messages are sent to and from the Gatekeeper, the calling endpoint's IP address is unknown and the security appliance opens a pinhole through source IP address/port 0/0. By default, this option is disabled.

The following ASDM screen was modified: Configuration > Firewall > Objects > Inspect Maps > H.323 > Details > State Checking.

Also available in Version 8.2(2).

Interface Features
In multiple context mode, auto-generated MAC addresses now use a user-configurable prefix, and other enhancements

The MAC address format was changed to allow use of a prefix, to use a fixed starting value (A2), and to use a different scheme for the primary and secondary unit MAC addresses in a failover pair.

The MAC addresess are also now persistent accross reloads.

The command parser now checks if auto-generation is enabled; if you want to also manually assign a MAC address, you cannot start the manual MAC address with A2.

The following ASDM screen was modified: Configuration > Context Management > Security Contexts.

Also available in Version 8.2(2).

High Availablility Features
No notifications when interfaces are brought up or brought down during a switchover event

To distinguish between link up/down transitions during normal operation from link up/down transitions during failover, no link up/link down traps are sent during a failover. Also, no syslog messages about link up/down transitions during failover are sent.

Also available in Version 8.2(2).

Routing Features
DHCP RFC compatibility (rfc3011, rfc3527) to resolve routing issues

This enhancement introduces adaptive security appliance support for DHCP RFCs 3011 (The IPv4 Subnet Selection Option) and 3527 (Link Selection Sub-option for the Relay Agent Information Option).

The following ASDM screen was modified: Remote Access VPN > Network Access > IPsec connection profiles > Add/Edit.

Also available in Version 8.2(2).

SSM Features
CSC 6.3 Support in ASDM

ASDM displays Web Reputation, User Group Policies, and User ID Settings in the Plus License listing on the main home page. CSC 6.3 security event enhancements are included, such as the new Web Reputation events and user and group identifications.

Good

Thank U

To say the least. now if I can only get to 621...

PIX 515e

How the ASDM works for PIX 515e.

Thanks for uploading this!

Updating ASA software version

May times when you upgrade the software of the ASA you need to upgrade the version of ASDM or you will lose web access.

Thanks for this, couldn’t find it anywhere else.

Very big thanks!