REQUEST A PRICE QUOTE:

Name*

Phone

Email*

Company*

Details*

Cisco Systems PIX 520 Firewall Series

Included

• 1 x Cisco Systems PIX 520 Firewall Series

Key Features and Benefits

• Non-UNIX, secure, real-time, embedded system

This design eliminates the risks associated with a general purpose operating system and allows the Cisco PIX Firewall

series to deliver outstanding performance—more than 256,000 simultaneous connections[mdash]dramatically greater

than any UNIX-based firewall.

• Less complex and more robust than packet-filtering; higher performance and more scalable than application proxy firewalls

The heart of the PIX Firewall series is the adaptive security algorithm (ASA), which maintains the secure perimeters

between the networks controlled by the firewall. The stateful, connection-oriented ASA design creates session flows

based on source and destination addresses, TCP sequence numbers (which are non-predictable), port numbers, and

additional TCP flags. All inbound and outbound traffic is controlled by applying security policy to connection table entries.

• User authentication and authorization with cut-through proxy

Cisco’s PIX Firewall series gains further dramatic performance advantage through its patented method of transparently

verifying the identity of users at the firewall and permitting or denying access to any TCP- or UDP-based application.

This method eliminates the price/performance impact UNIX-based firewalls impose in similar configurations, and

leverages the authentication and authorization services of CiscoSecure Access Control Server. For more information on

CiscoSecure Access Control Server, available for both Windows NT and UNIX (Solaris), see the chapter “CiscoSecure

Access Control Server Software.”

• Centralized configuration and management with the PIX Firewall Manager

This Java-based graphical user interface (GUI) configuration tool lets the administrator use a Web browser to retrieve,

edit, and centrally manage security policies. Separate tabs provide access to configuration information common to all PIX

Firewalls being managed and to built-in reports for user-based accounting for web sites visited and volume of files

transferred. The PIX Firewall Manager can automatically provide real-time alerts of any attempted firewall breaches

through e-mail or pager notification.

• Failover/hot standby upgrade option

The PIX Firewall failover option ensures high availability and eliminates a single point of failure.With two PIX Firewalls

running in parallel, if one malfunctions, the second PIX Firewall transparently maintains security operations.

• Synchronized configurations for effective recovery from hardware failure

Simplified TFTP boot function allows consistent synchronization of multiple device configurations.

PIX Firewall Software

• Connection licenses available for 128, 1024, and Unrestricted (more than 256,000) simultaneous connections

• Adaptive security algorithm (ASA)

• Cut-through proxy authenticates, authorizes, and enhances performance

• Multiple interface support (10/100 Mbps ethernet, Token Ring, FDDI)

• Up to 4 interfaces

• Failover/hot standby; synchronized configurations

• True Network Address Translation (NAT) as specified in RFC 1631

• Port Address Translation (PAT) further expands a company’s address pool-one IP address supports more than 64,000 hosts

• Mail Guard removes need for external mail relay server in perimeter network

• TACACS+, Radius authentication

• DNS Guard transparently protects outbound name and address lookups

• Flood Guard and Fragmentation Guard protect against denial of service attacks

• Java blocking eliminates potentially dangerous Java applets (not compressed or archived)

• Extremely high-performance URL filtering that surpasses the competition in any enterprise-scale network

• Cisco IOS-style command-line interface

• Extended authentication, authorization, and accounting capabilities

• Net Aliasing transparently merges overlapping networks with the same IP address space

• Enhanced granularity of inbound access (conduits)

• No translation choice allows use of existing registered IP addresses

• Extended access lists

• Ability to customize protocol ports

• Support for private networking of virtual sites at greater than 45MB using Cisco proprietary Private Link 2.

• Enhanced customization of syslog messages

• Simple Network Management Protocol (SNMP) and syslog for remote management

• Reliable syslogging using either TCP or UDP

• Extended transparent application support (both with and without NAT enabled) includes:

-Sun remote procedure call (RPC)

-Microsoft Networking client and server communication (NetBIOS over IP) using NAT

-Multimedia, including Progressive Networks’ RealAudio, Xing Technologies’ Streamworks, White Pines’ CuSeeMe,

Vocal Tec’s Internet Phone, VDOnet’s VDOLive, Microsoft’s NetShow, VXtreme Web Theatre 2; and Intel’s Internet

Video Phone and Microsoft’s NetMeeting (based on H.323 standards)

-Oracle SQL*Net client and server communication