Wednesday, September 9, 2009

Cisco PIX - Introduction 1

Intro..

1. Use to prevent our network wide open from attack
2. PIX firewall range has a wide variety of add on cards
3. can work hand in hand with the Adaptive Security Appliance (ASA)
4. PIX come in several form factors range:

a. 501
  • cheapest and smallest firewall - SOHO
  • support up to 7500 concurrent connections
  • 60Mbps throughput
  • interfaces- 10/100BASE-T Ethernet interface for the outside connection (100BASE-T is only in version 6.3)
  • four-port 10/100 switch for the inside interfaces
  • It can also support up to 10 simultaneous VPN connections
  • It does not support any failover at all.



b. 506E
  • more geared up towards the ROBO setup (Remote Office – Branch Office)
  • ideal choice for a small – medium sized business if you don’t need any failover capabilities
  • a lot of VLAN’s or a very fast throughput of data.
  • 25,000 concurrent connections
  • 100 Mbps throughput
  • Interfaces - two 10/100BASE-T interfaces
  • support for up to Two VLAN’s
  • support up to 25 simultaneous VPN connections
  • It does not support version 7 of the PIX operating system or the ADSM utility, instead it has a less useful PDM for remote configuration.


c. 515E
  • Is designed for small to medium sized businesses and enterprise networks
  • up to 130,000 concurrent connections
  • 190 Mbps of clear text throughput
  • interfaces - up to 6 10/100 Fast Ethernet interfaces
  • 25 VLAN’s and up to five contexts (contexts will be explained later).
  • It is the first PIX in the range that supports failover and version 7 of the PIX operating system
  • up to 2,000 VPN tunnels and supports site to site and remote access VPN’s

d. 525 My Firewall..

  • most common security appliance in the PIX range (affordability Vs funcionality)
  • up to 280,000 concurrent connections
  • 330 Mbps of clear text throughput
  • interfaces - up to 10 10/100 Fast Ethernet interfaces
  • up to 100 VLAN’s and 50 contexts.
  • supports failover and version 7 of the PIX operating System - Mine already upgrade.. because deficient of memory, currently no GUI and used CLI to configure
  • up to 2,000 VPN tunnels.

e.535
  • high-performance, designed for very large enterprise and service provider networks
  • up to ten 10/100 Fast Ethernet interfaces or nine Gigabit Ethernet interfaces and redundant power supplies
  • handle up to 1.7 Gbps of firewall throughput with the capacity to handle more than 500,000 simultaneous sessions
  • Certain PIX 535 models include an integrated hardware VPN acceleration card that delivers up to 440 Mbps of Triple Data Encryption Standard (3DES) VPN throughput and 440 Mbps of Advanced Encryption Standard-256 (AES) VPN throughput.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)