Cisco Cisco MGX-FRSM-HS2 B Serial Frame Service Module Aggregierten Daten
Product Bulletin
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 4
What’s New in Cisco Firewall Services Module Software
Version 3.2 and Cisco Adaptive Security Device Manager
Version 5.2F
Version 3.2 and Cisco Adaptive Security Device Manager
Version 5.2F
PB385035
The Cisco
®
Firewall Services Module (FWSM) for Cisco Catalyst
®
6500 Series
switches and Cisco 7600 Series routers is a high-performance, integrated stateful
inspection firewall with application and protocol inspection engines. It provides 5.5 Gbps
of throughput; 100,000 connections per second; and one million concurrent connections.
Additionally, clustering solutions with the FWSM can seamlessly deliver more than 20
Gbps of throughput per chassis. Cisco FWSM Software Version 3.2 is configured and
monitored by the integrated, Web-GUI-based Cisco Adaptive Security Device Manager
(ASDM) Version 5.2F. For remote multidevice management, Cisco FWSM Software
Version 3.2 is configured and managed by Cisco Security Manager Version 3.1.
Cisco FWSM Software Version 3.2 provides:
●
Core firewall enhancements
●
Additional intelligent network services
●
Management enhancements
●
Cut-through proxy enhancements
●
Voice and mobile inspection engine enhancements
Cisco FWSM Software Version 3.2 Release Highlights
Table 1 lists new features in Cisco FWSM Software Version 3.2.
Table 1.
New Features in Cisco FWSM Software Version 3.2
Features
Benefits
Core Firewall Enhancements
Network Address Translation (NAT) bypass
Enhances scalability by not creating NAT translate entries
when no NAT control or NAT exempt is used.
when no NAT control or NAT exempt is used.
Selective TCP state bypass
Selectively bypass TCP state checks for configured traffic
classes. This is useful for allowing certain traffic to flow
through in asymmetric routing scenarios when two FWSMs
are in different locations that are not Layer 2-adjacent.
classes. This is useful for allowing certain traffic to flow
through in asymmetric routing scenarios when two FWSMs
are in different locations that are not Layer 2-adjacent.
BGP Stub
New License feature
Allows interoperability with a single BGP Peer that enables
dynamic routing in single and virtual firewall modes.
dynamic routing in single and virtual firewall modes.
Not available in transparent firewall
Timeout on a per-flow basis for non-TCP flows
Cisco FWSM Software Version 3.1 provides timeout on a
per-flow basis for TCP flows. Version 3.2 adds non-TCP
flow support for timeout per flow.
per-flow basis for TCP flows. Version 3.2 adds non-TCP
flow support for timeout per flow.
Intelligent Network Services
Transparent Network and Port Address Translation (NAT
and PAT)
and PAT)
Provides NAT and PAT support in transparent firewall
mode. This simplifies network configuration for upstream
routers, especially in a multiple-ISPs scenario.
mode. This simplifies network configuration for upstream
routers, especially in a multiple-ISPs scenario.