Cisco Systems and 7200 Manual De Usuario
5-1
VPN and Security Products at a Glance
C H A P T E R
C
H
AP
T
T
E
R
5
VPN AND
SECURIT
Y
PRODUCTS
5
VPN and Security Products
VPN and Security Products at a Glance
Product
Features
Page
Cisco PIX Security
Appliance
Appliance
Market-leading, purpose-built appliances which provide broad range of integrated security
services
• Robust stateful inspection firewalling with application awareness
• High-performance and scalable remote access and site-to-site VPN
• Intrusion protection with for real-time response to network attacks
• Enhanced routing and network integration
• Extensive support for multimedia and VoIP applications
• Award-winning firewall stateful failover for enterprise-class resiliency
services
• Robust stateful inspection firewalling with application awareness
• High-performance and scalable remote access and site-to-site VPN
• Intrusion protection with for real-time response to network attacks
• Enhanced routing and network integration
• Extensive support for multimedia and VoIP applications
• Award-winning firewall stateful failover for enterprise-class resiliency
Firewall Blade for
Catalyst 6500
Catalyst 6500
Firewall Module is a high performance integrated stateful firewall solution for Catalyst 6500 family
of switches with performance exceeding 5GB. It is based on proven PIX technology while
providing the following benefits to the customers
• Investment protection
• Low cost of ownership
• Ease of use
• Operational Consistency
• Scalability
See the Catalyst 6500 Series Switch in Chapter 2: LAN Switching, page 2-22, for more information
of switches with performance exceeding 5GB. It is based on proven PIX technology while
providing the following benefits to the customers
• Investment protection
• Low cost of ownership
• Ease of use
• Operational Consistency
• Scalability
See the Catalyst 6500 Series Switch in Chapter 2: LAN Switching, page 2-22, for more information
2-22
Cisco VPN 3000 Family
Remote access Virtual Private Network platform
• Has models for all size companies, from small to large enterprise organizations
• Reduces communications expenditures
• Enables users to easily add capacity and throughput
• Has models for all size companies, from small to large enterprise organizations
• Reduces communications expenditures
• Enables users to easily add capacity and throughput
Cisco IDS Network
Sensor
Sensor
Network-based, real-time intrusion detection system capable of monitoring an entire enterprise
network:
• Capable of directing and forwarding alarms between local, regional, and headquarters-based
network:
• Capable of directing and forwarding alarms between local, regional, and headquarters-based
monitoring consoles
• Scalable architecture to allow the deployment of large numbers of sensors in order to provide
comprehensive security coverage in large networks
• Tight integration into the network through the delivery of the IDS Network Module for the Cisco
Access Routers and the IDSM2 for the Catalyst 6500 switches
• CTR (Cisco Threat Response) delivers adaptive scan techniques to minimize false alarms
• Broad range of management options
• Broad range of management options
Cisco Security Agent
The Cisco Security Agent provides threat protection for desktop and server computing systems
by identifying and preventing malicious activity. By acting on threats or attacks before they can
occur, Cisco Security Agent removes known and unknown security risks to enterprise networks
and applications:
• The Cisco Security Agent aggregates and extends multiple endpoint security functions by
by identifying and preventing malicious activity. By acting on threats or attacks before they can
occur, Cisco Security Agent removes known and unknown security risks to enterprise networks
and applications:
• The Cisco Security Agent aggregates and extends multiple endpoint security functions by
providing host intrusion prevention, distributed firewall, malicious mobile code protection,
operating system integrity assurance, and audit log consolidation all within a single agent
package
operating system integrity assurance, and audit log consolidation all within a single agent
package
• Protects against know and unknown attacks on both servers and desktops
Cisco Secure Access
Control Server (ACS) for
Windows and Cisco
Secure Access Control
Solution Engine
Control Server (ACS) for
Windows and Cisco
Secure Access Control
Solution Engine
A centralized identity networking solution that simplifies user-management experience across all
Cisco devices and security-management applications. An essential component of the Cisco
Identity Based Networking Services (IBNS) architecture, it extends access security by combining
authentication, user and administrator access, and policy control from a centralized identity
networking framework. This allows greater flexibility and mobility, increased security, and user
productivity gains. It helps ensure enforcement of assigned policies by allowing network
administrators to control: Who can log in to the network, Privileges each user has in the network,
and Security audit or account billing information that is recorded
Cisco devices and security-management applications. An essential component of the Cisco
Identity Based Networking Services (IBNS) architecture, it extends access security by combining
authentication, user and administrator access, and policy control from a centralized identity
networking framework. This allows greater flexibility and mobility, increased security, and user
productivity gains. It helps ensure enforcement of assigned policies by allowing network
administrators to control: Who can log in to the network, Privileges each user has in the network,
and Security audit or account billing information that is recorded