Cisco PIX 501 3DES BUNDLE CHASSIS AND SOFTWARE 10U Specification Guide
Cisco Systems, Inc.
All contents are Copyright © 1992–2004 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 4 of 11
Table 1.
Product Features and Benefits
Feature
Benefit
Enterprise-Class Security
Reliable, purpose-built security appliance
•
Uses a proprietary, hardened operating system that eliminates security risks associated
with general purpose operating systems
with general purpose operating systems
•
Combines Cisco product quality with no moving parts to provide a highly reliable
security platform
security platform
Stateful inspection firewall
•
Provides perimeter network security to prevent unauthorized network access
•
Uses state-of-the-art Cisco Adaptive Security Algorithm for robust stateful inspection
firewall services
firewall services
•
Provides flexible access-control capabilities for over 100 predefined applications,
services and protocols, with the ability to define custom applications and services
services and protocols, with the ability to define custom applications and services
•
Simplifies management of security policies by giving administrators the ability to create
re-usable network and service object groups which can be referenced by multiple
security policies, thus simplifying initial policy definition and on-going policy
maintenance
re-usable network and service object groups which can be referenced by multiple
security policies, thus simplifying initial policy definition and on-going policy
maintenance
Advanced application and protocol inspection
•
Integrates over two dozen specialized inspection engines for protocols such as
Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Mail Transfer
Protocol (SMTP), Domain Name System (DNS), Simple Network Management Protocol
(SNMP), SQL*Net, Network File System (NFS), H.323 Versions 1–4, Session Initiation
Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming
Protocol (RTSP), Internet Locator Service (ILS), and many more
Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Mail Transfer
Protocol (SMTP), Domain Name System (DNS), Simple Network Management Protocol
(SNMP), SQL*Net, Network File System (NFS), H.323 Versions 1–4, Session Initiation
Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming
Protocol (RTSP), Internet Locator Service (ILS), and many more
Cisco Easy VPN Remote (hardware VPN client)
•
Enables dramatically simplified VPN rollouts to small office/teleworker environments by
eliminating the provisioning complexities of traditional site-to-site VPN deployments
eliminating the provisioning complexities of traditional site-to-site VPN deployments
•
Downloads VPN policy dynamically from a Cisco Easy VPN Server upon connection,
ensuring the latest corporate security policies are enforced
ensuring the latest corporate security policies are enforced
•
Provides robust client-side VPN resiliency with support for up to 10 Cisco Easy VPN
Servers with automatic failover, in addition to Dead Peer Detection (DPD) support
Servers with automatic failover, in addition to Dead Peer Detection (DPD) support
•
Supports optional authentication of individual users behind a Cisco PIX Security
Appliance through an easy-to-use, Web-based interface with support for standard and
one-time passwords (including authentication tokens)
Appliance through an easy-to-use, Web-based interface with support for standard and
one-time passwords (including authentication tokens)
•
Extends VPN reach into environments using NAT or PAT, via support of Internet
Engineering Task Force (IETF) UDP-based draft standard for NAT traversal
Engineering Task Force (IETF) UDP-based draft standard for NAT traversal
•
Supports both split and non-split tunneling environments
•
Provides intelligent, transparent DNS proxy capabilities for access to both corporate and
public DNS servers
public DNS servers
Cisco Easy VPN Server
•
Provides remote access VPN concentrator services for up to 10 remote software or
hardware-based VPN clients
hardware-based VPN clients
•
Pushes VPN policy dynamically to Cisco Easy VPN Remote-enabled solutions (such as
the Cisco VPN Client) upon connection, ensuring the latest corporate security policies
are enforced
the Cisco VPN Client) upon connection, ensuring the latest corporate security policies
are enforced
•
Supports award-winning Cisco VPN Client on multiple platforms including Microsoft
Windows 98/ME/NT/2000XP, Sun Solaris, Intel-based Linux distributions, and Apple
Macintosh OS X (available separately)
Windows 98/ME/NT/2000XP, Sun Solaris, Intel-based Linux distributions, and Apple
Macintosh OS X (available separately)
Site-to-site VPN
•
Supports IKE and IPSec VPN industry standards
•
Extends networks securely over the Internet by ensuring data privacy/integrity and
strong authentication with remote networks
strong authentication with remote networks
•
Supports 56-bit DES, 168-bit 3DES, and up to 256-bit AES data encryption to ensure
data privacy
data privacy