New User

Register

Cisco Systems Adaptive Security Appliances & PIX - Snap Shot Update

 

Ø
  • L3-L4 (before PIX 7.0); L3-7 (starting PIX 7.0 or later)
§

Application Filtering for FTP, HTTP, SNMP, MGCP, and GTP

Ø
  • Bi-directional ACL-based Firewall (for PIX 7.x and later)
Ø
  • Stateful Inspection for ICMP, TCP, and UDP
Ø
  • Static and Dynamic NAT, PAT
Ø
  • Source Address Filtering (via Reverse Path Forwarding)
Ø
  • Authentication with AAA Servers (RADIUS, TACAC+)
Ø
  • Static and Dynamic Routing (RIP, OSPF)
Ø
  • Network Segmentation
§

Single or multiple Security Contents (or Zones/Security Domains) can be mapped across physical or virtual firewall interfaces and be shared across multiple PIX or ASA firewall platforms (for PIX 7.x or later)

Ø
  • Java and ActiveX Mobile Code Filtering
Ø
  • Server-based Content Filtering available from Websense and Secure Computing (N2H2)
Ø
  • IPS actions include drop packet, reset session, and log packet
Ø
  • Firewall hardening (or Shun) is available (for PIX 6.x or later) to close new, existing, connections from a given IP address (or VLAN tag in PIX 7.0 or later)
Ø
  • IDS Signatures
§

PIX OS 6.0 supports 57 signatures

§

IOS 12.2 (11)YU and earlier supports up to 59 signatures

§

IOS 12.2 (15)T has 42 additional signatures (101 signatures)

§

Enhanced IDS supports approx. 1000 signatures (for IDS 4200 Series, Catalyst 6500 IDSM-2 module, IDS module for Cisco 2600XM, 3660, 3700 series routers, and SSM module for ASA 5500 Series)

Ø
  • Fail-over Active-Active, Active-Passive
Ø
  • Load Sharing (for PIX 7.x or later)
Ø
  • Management via console, Telnet, SSH, VMS (VPN/Security Management System), PDM (PIX Device Manager), ASDM (Adaptive Security Device Manager: a web interface to PDM for the ASA product line)

 

 

 

HOME |

ADVERTISE WITH US |

VENDOR TOOLS |

PR TOOLS |

 CONTACT OUR EDITORS |

Copyright © 2006 Silicon Valley Communications - All rights reserved.