Cisco Cisco Catalyst 6500 Series Firewall Services Module 集約されたデータ
Cisco Systems, Inc.
All contents are Copyright © 1992–2004 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 1 of 5
PRODUCT BULLETIN NO. 2518
CISCO FIREWALL SERVICES MODULE SOFTWARE RELEASE 2.2(1) FOR
CISCO CATALYST 6500 SWITCHES AND CISCO 7600 SERIES ROUTERS
CISCO CATALYST 6500 SWITCHES AND CISCO 7600 SERIES ROUTERS
The Firewall Services Module (FWSM) is an integrated security module for Cisco
®
Catalyst
®
6500 Series switches
and 7600 Series routers that provides stateful Layer 7 filtering capabilities. Cisco is announcing FWSM Software
Release 2.2(1). The major new features supported in this release include virtualization at Layers 2 and 3 and
resource management.
The Self-Defending Network is Cisco Systems’ long-term strategy to allow organizations to identify, prevent, and adapt to threats using
security that is integrated into all aspects of their connected business processes—incorporating secure connectivity, threat defense, and trust and
identity technologies. The FWSM is a critical element of the Cisco Threat Defense System—its unique integration of robust security services
with network intelligence offers scalable, resilient protection from threats.
Investment protection is the primary metric by which all next-generation switches are judged. No longer are CEOs and CIOs seeking to perform
wholesale equipment replacements for performance upgrades within their networks. Equipment vendors will be required to perform upgrades to
equipment by simply changing switch fabrics and adding additional higher-performance line modules. The FWSM helps to preserve a
company’s existing investment in Cisco Catalyst switches by adding to the existing devices, rather than rebuilding the entire network for
security purposes
Network virtualization blends the economics and efficiencies of shared systems with the integrity, performance, and security of independent
systems. The virtualized FWSM delivers multiple firewalls on one physical hardware platform. Network administrators
can configure, deploy, and manage these firewalls as if they were separate devices. They can also partition and manage resources
independently, and allocate different quantities to specific applications.
Network virtualization technology allows corporations to not only increase network resource usage and exert more control over resources and
their allocation, but also to gain flexibility and speed in scaling the resources. Using virtualization to reduce the number of physical devices in a
network significantly reduces the cost and complexity of managing a network infrastructure.
Cisco FWSM Software 2.2(1) includes the features listed in Table 1.
Table 1. Cisco FWSM Software 2.2(1) Features
Feature
Description
Virtualization
(Security Contexts)
(Security Contexts)
Allows the customer to split a single Cisco FWSM into multiple logical security contexts.
Two security contexts come free as part of the base software release. For additional
security contexts, you need to buy the appropriate licenses.
Two security contexts come free as part of the base software release. For additional
security contexts, you need to buy the appropriate licenses.
At Layer 3, the virtualization feature supports:
•
100 security contexts
•
1000 interfaces (maximum per FWSM)
•
256 interfaces per virtual security context
•
250 interfaces for failover tracking interfaces
Transparent Firewall
Known as a Layer 2 firewall or “stealth firewall.” It is not seen as a router hop to connected
devices. In Layer 2, this feature supports:
devices. In Layer 2, this feature supports:
•
100 transparent security contexts
•
Two interfaces per transparent firewall
•
Layer 2 access control lists (ACLs)