© 2005 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Page 5 of 15
Feature Benefit
Advanced Firewall Services
Stateful Inspection Firewall
• Provides wide-range of perimeter network security services to prevent unauthorized network access
• Delivers robust stateful inspection firewall services which track the state of all network
communications
• Provides flexible access-control capabilities for more than 100 predefined applications, services, and
protocols, with the ability to define custom applications and services
• Supports inbound/outbound ACLs for interfaces, time-based ACLs, and per-user/per-group policies
for improved control over network and application usage
• Simplifies management of security policies by giving administrators the ability to create re-usable
network and service object groups that can be referenced by multiple security policies, simplifying
initial policy definition and ongoing policy maintenance
Advanced Application and
Protocol Inspection
• Integrates 30 specialized inspection engines that provide rich application control and security services
for protocols such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Extended
Simple Mail Transfer Protocol (ESMTP), Domain Name System (DNS), Simple Network
Management Protocol (SNMP), Internet Control Message Protocol (ICMP), SQL*Net, Network File
System (NFS), H.323 Versions 1-4, Session Initiation Protocol (SIP), Cisco Skinny Client Control
Protocol (SCCP), Real-Time Streaming Protocol (RTSP), GPRS Tunneling Protocol (GTP), Internet
Locator Service (ILS), Sun Remote Procedure Call (RPC), and many more
Modular Policy Framework
• Provides a powerful, highly flexible framework for defining flow- or class-based policies, enabling
administrators to identify a network flow or class based on a variety of conditions, and then apply a
set of customizable services to each flow/class
• Improves control over applications by introducing ability to have flow- or class-specific
firewall/inspection policies, QoS policies, connection limits, connection timers, and more
Security Contexts
• Enables creation of multiple security contexts (virtual firewalls) within a single Cisco PIX Security
Appliance, with each context having its own set of security policies, logical interfaces, and
administrative domain
• Supports four licensed levels of security contexts: 5, 10, 20, and 50 (maximum number of security
contexts supported based on model of Cisco PIX Security Appliance)
• Provides businesses a convenient way of consolidating multiple firewalls into a single physical
appliance or failover pair, yet retaining the ability to manage each of these virtual instances separately
• Enables service providers to deliver resilient multi-tenant firewall services with a pair of redundant
appliances
Layer 2 Transparent Firewall
• Supports deployment of a Cisco PIX Security Appliance in a secure Layer 2 bridging mode, providing
rich Layer 2—7 firewall security services for the protected network while remaining “invisible” to
devices on each side of it
• Simplifies Cisco PIX Security Appliance deployments in existing network environments by not
requiring businesses to re-address the protected networks
• Supports creation of Layer 2 security perimeters by enforcing administrator defined Ethertype-based
access control policies for Layer 2 network traffic
(20 pages)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals