Cisco PIX 525 Datasheet page 5

All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Table 1. Product Features and Benefits
Feature Benefit
Reliable and Expandable Security Appliance
Purpose-Built Security ● Uses a proprietary, hardened operating system that eliminates the security risks associated
Appliance with general purpose operating systems
● Combines Cisco product quality with no moving parts to provide a highly reliable security
platform
Fast Ethernet and Gigabit ● Supports easy installation of additional network interfaces via three PCI expansion slots
Ethernet Expansion
● Supports expansion cards including single-port Fast Ethernet, four-port Fast Ethernet, and
Options
single-port Gigabit Ethernet cards
● Delivers high speed VPN services through the addition of either a VPN Accelerator Card
Hardware VPN
Acceleration (VAC) or a VPN Accelerator Card+ (VAC+)—Unrestricted (UR), Failover (FO), and Failover-
Active/Active (FO AA) models have integrated hardware VPN acceleration services
Integration with Leading ● Supports the broad range of Cisco Technology Developer partner solutions that provide URL
Third-Party Solutions filtering, content filtering, virus protection, scalable remote management, and more
Industry Certifications and ● Earned numerous leading industry certifications and evaluations, including:
Evaluations
● Common Criteria Evaluated Assurance Level 4 (EAL4)
● FIPS 140-2, Level 2 Validation
Advanced Firewall Services
● Provides wide-range of perimeter network security services to prevent unauthorized network
Stateful Inspection Firewall
access
● Delivers robust stateful inspection firewall services which track the state of all network
communications
● Provides flexible access-control capabilities for more than 100 predefined applications,
services, and protocols, with the ability to define custom applications and services
● Supports inbound/outbound ACLs for interfaces, time-based ACLs, and per-user/per-group
policies for improved control over network and application usage
● Simplifies management of security policies by giving administrators the ability to create re-
usable network and service object groups that can be referenced by multiple security policies,
simplifying initial policy definition and ongoing policy maintenance
Advanced Application and ● Integrates 30 specialized inspection engines that provide rich application control and security
Protocol Inspection services for protocols such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol
(FTP), Extended Simple Mail Transfer Protocol (ESMTP), Domain Name System (DNS),
Simple Network Management Protocol (SNMP), Internet Control Message Protocol (ICMP),
SQL*Net, Network File System (NFS), H.323 Versions 1-4, Session Initiation Protocol (SIP),
Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), GPRS
Tunneling Protocol (GTP), Internet Locator Service (ILS), Sun Remote Procedure Call (RPC),
and many more
Modular Policy Framework ● Provides a powerful, highly flexible framework for defining flow- or class-based policies,
enabling administrators to identify a network flow or class based on a variety of conditions,
and then apply a set of customizable services to each flow/class
● Improves control over applications by introducing ability to have flow- or class-specific
firewall/inspection policies, QoS policies, connection limits, connection timers, and more
Security Contexts ● Enables creation of multiple security contexts (virtual firewalls) within a single Cisco PIX
Security Appliance, with each context having its own set of security policies, logical interfaces,
and administrative domain
● Supports four licensed levels of security contexts: 5, 10, 20, and 50 (maximum number of
security contexts supported based on model of Cisco PIX Security Appliance)
● Provides businesses a convenient way of consolidating multiple firewalls into a single physical
appliance or failover pair, yet retaining the ability to manage each of these virtual instances
separately
● Enables service providers to deliver resilient multi-tenant firewall services with a pair of
redundant appliances
● Supports deployment of a Cisco PIX Security Appliance in a secure Layer 2 bridging mode,
Layer 2 Transparent
Firewall providing rich Layer 2—7 firewall security services for the protected network while remaining
"invisible" to devices on each side of it
● Simplifies Cisco PIX Security Appliance deployments in existing network environments by not
requiring businesses to re-address the protected networks
● Supports creation of Layer 2 security perimeters by enforcing administrator defined Ethertype-
based access control policies for Layer 2 network traffic
Data Sheet
Page 5 of 13