Cisco Cisco ASA 5520 Adaptive Security Appliance 백서
Cisco and Public Sector Cyberdefense
14
Response and
Recovery in the
Data Center
Recovery in the
Data Center
Assessment in the Data Center
Virtualization becomes even more important when combined with the
virtual services capabilities of the FWSM for the Cisco Catalyst 6500
Series switch. A single FWSM can be partitioned into a maximum of
250 virtual firewalls (security contexts) in FWSM 3.1, allowing you to
implement policies for different user groups or functional areas (such as
DMZs) over the same physical infrastructure. This reduces the cost and
complexity of managing multiple devices. The Resource Manager helps
ensure high availability by limiting resource usage per context. Role-
based management allows multiple IT owners to configure and manage
network and application-layer security policies. (See Figure 4.)
virtual services capabilities of the FWSM for the Cisco Catalyst 6500
Series switch. A single FWSM can be partitioned into a maximum of
250 virtual firewalls (security contexts) in FWSM 3.1, allowing you to
implement policies for different user groups or functional areas (such as
DMZs) over the same physical infrastructure. This reduces the cost and
complexity of managing multiple devices. The Resource Manager helps
ensure high availability by limiting resource usage per context. Role-
based management allows multiple IT owners to configure and manage
network and application-layer security policies. (See Figure 4.)
Figure 4 FWSM Virtual Firewalls
The Cisco FWSM provides industry-leading 100,000 connections per
second, 5 Gbps throughput, and 1 million concurrent connections. Up to
four FWSMs can be deployed in the same chassis for a total of 20 Gbps
throughput. A single FWSM can support up to 1000 virtual interfaces
(256 per context), and a single chassis can scale up to a maximum
of 4000 VLANs. Full firewall protection is applied across the switch
backplane, giving the lowest latency figures (30 microseconds for small
frames) possible. FWSM is based on high-speed network processors
that provide high performance but retain the flexibility of general-
purpose CPUs.
second, 5 Gbps throughput, and 1 million concurrent connections. Up to
four FWSMs can be deployed in the same chassis for a total of 20 Gbps
throughput. A single FWSM can support up to 1000 virtual interfaces
(256 per context), and a single chassis can scale up to a maximum
of 4000 VLANs. Full firewall protection is applied across the switch
backplane, giving the lowest latency figures (30 microseconds for small
frames) possible. FWSM is based on high-speed network processors
that provide high performance but retain the flexibility of general-
purpose CPUs.
The business cases for virtualized, firewalled user groups in the federal
government are many:
government are many:
• Differentiating access to information between federal employees,
contractors, and the general public
• Limiting access to national security-related material
• Complying with standards on information security
• Protecting confidential information such as social security numbers or
health-related data
Continue
Previous