Cisco PIX Firewall full range of products list (1)

PIX 515E Product Essentials and application environment

Cisco PIX 515E Firewall Application Environment

Cisco PIX 515E is an enhanced version of the widely used Cisco PIX 515 Platform, which provides industry-leading state firewalls and IP Security (IPSEC) virtual private network services. Cisco PIX 515E is designed for small and medium business and enterprise remote offices with stronger processing power and integrated, hardware-based IPSec acceleration.

Delivers more robust performance to meet high throughput security requirements

The Cisco PIX 515E multifunction stand-alone rack unit (1RU) chassis supports six interfaces, making it ideal for businesses that need a low-cost security solution with a DMZ support. As part of the world's leading Cisco PIX Firewall series, it can provide unmatched security, reliability, and performance for today's network users.

Cisco PIX 515E is a firewall device designed for specific requirements that provides unprecedented security. It is tightly integrated with the Cisco PIX operating System (OS), a dedicated, hardened system that eliminates the frequent vulnerabilities and performance losses that occur in a common operating environment.

The core of the system is a protection mechanism based on adaptive Security Algorithm (ASA), which can provide a stateful, connection-oriented firewall function while intercepting common denial of service (DoS) attacks.

Cisco PIX 515E is also a fully functional VPN gateway that securely transmits data on a public network. It enables intersite and remote access VPN applications through 56-bit Data Encryption Standard (DES) or 168-bit triple DES (3DES). Depending on the Cisco PIX 515E Model selected, the VPN feature can be provided as a service on the Cisco PIX OS, or through an integrated, hardware-based VPN Accelerator (VAC). This accelerator card provides up to 130Mbps throughput and 2000 IPSec tunnels.

Support for high availability can be achieved by deploying a redundant hot backup unit. This method of recovery can maintain concurrent connections through automatic State synchronization. This ensures that the process is maintained even in the event of a system failure, and that the entire switching process is completely transparent to the network user.

The firewall currently has a variety of models that provide different levels of interface density, failover capabilities, and VPN throughput.

Limited PIX515 model

The Cisco PIX 515E "Limited" (PIX 515e-r) model provides excellent value for businesses looking for a powerful Cisco PIX Firewall with minimal interface density and VPN throughput. It has 32MB of RAM and can support up to three 10/100 Fast Ethernet interfaces.

Unlimited PIX515 Models

The Cisco pix 515E "unlimited" (pix 515e-ur) model extends the functionality of this series through integrated, hardware-based VPN acceleration to support state failback, adding LAN interfaces, and increasing VPN throughput. It has an integrated VAC,64MB RAM that can support up to six 10/100 Fast Ethernet interfaces. Cisco PIX 515e-ur can also share state information with a hot-backed Cisco PIX Firewall to enable full firewall redundancy.

　　

Main characteristics and advantages of PIX515E
Performance overview
Clear-Text throughput	188Mbps
168-bit 3DES IPSec VPN throughput	130Mbps
Concurrent VPN tunnels	2000
Concurrent connections	130,000 5000/sec
Technical Specifications
Processor	433MHz Intel Celeron
Random Storage Memory	32MB, or 64MB SDRAM
Flash	16MB
Cache	128KB level two cache, frequency 433MHz
System bus	Single 32-bit, 33MHz pic bus
Power
Input (per power supply)
Line Voltage Range	100V to 240V AC or 48V DC
Rated line voltage	100V to 240V AC or 48V DC
Current	~1.5a
Frequency	50-60Hz, Single phase
Output
Steady state	50W
Peak	352
Maximum Bulk heat	410btu/hours, full use (65W)
Size and weight
Height	1.72 inches (4.37 cm), 1RU
Width	16.82 inches (42.72 cm), can be installed in a standard 19-inch rack
Thickness	11.8 inches (29.97 cm)
Weight (single power supply)	~11lbs (4.11 kg)
Extended
PCI bus	Two 32-bit/33mhz PCI
Random access memory	Two 168-pin DIMM slots (Cisco PIX OS supports up to 64MB)
Interface
Integrated network interface	Two 10/100 Fast Ethernet (RJ-45)
Console port	RS-232 (RJ-45) 9600 baud
Recovery ports	RS-232 (DB-15) 115Kbps (requires Cisco-specified cable)

　　
PIX 501 Product Essentials and application environment

　　

Application environment

The Cisco PIX 501 firewall provides enterprise-class security for small office and remote workers through a reliable, Plug and Play security device. The Cisco PIX 501 Firewall is part of the market-leading Cisco PIX Firewall series that delivers powerful security features, small office networking, and powerful remote management capabilities, especially for the security of high-speed, "sustainable" broadband environments with a compact, integrated solution.

By providing the same security features as Cisco's high-end gigabit PIX firewalls, PIX 501 delivers the rich protection that all broadband users need, through easy to use and deploy solutions.

Simple, high-speed, small office networking

The Cisco PIX 501 firewall provides a convenient way to share a broadband connection for multiple computers through its integrated, high-performance Quad-Port 10/100mbps switch. Also, the Cisco PIX Firewall can provide network address resolution (NAT) and port address resolution (PAT) and so on to hide the actual network address of your network device. Users can also use the Dynamic Host Configuration Protocol (DHCP) server built into the PIX to gain Plug and Play networking, which can automatically assign network addresses to computers under its jurisdiction after startup. The Cisco PIX 501 firewall provides the functionality necessary to seamlessly integrate with most broadband networking environments.

Powerful remote management capabilities

The PIX 501 is a reliable, maintainable platform that provides a variety of configuration, monitoring, and diagnostics. The scope of the PIX management solution is extensive-from an integrated, web-based management tool to a centralized, policy-based tool, as well as support for various remote monitoring protocols, such as Simple Network Management Protocol (SNMP) and system logs.

The PIX Device Manager (PDM) provides an intuitive, web-based interface for administrators so that they can easily configure and monitor a PIX 501 without having to install any software on the administrator's computer (other than a standard Web browser).

　　

Main characteristics and advantages of PIX501
Enterprise-Class Security
A real security device.	The use of a dedicated, enhanced operating system eliminates the security risks of the common operating system
Cisco's quality and lack of movable components provide a highly reliable security platform.
Stateful monitoring firewall	Provide perimeter network security to prevent unauthorized network access.
Use the latest adaptive Security Algorithm (ASA) to provide a robust stateful monitoring firewall service.
Provides flexible access control capabilities for more than 105 pre-defined applications, services, and protocols, and enables the customization of applications and services.
Includes a variety of "patches" that can be used to perceive applications to ensure the security of a variety of advanced network protocols (such as H.323, ISPs, skinny, RTSP, etc.).
Includes content filtering for Java applets and ActiveX controls.
Vpn	Support for IKE and IPSec VPN standards
Ensure data security/integrity, powerful, remote network authentication via the Internet
Supports 56-bit DES and 168-bit 3DES data encryption to ensure data security
Intrusion detection	Provides protection against more than 55 common network attacks, ranging from deformable packet attacks to denial of service (DoS) attacks.
Integrates with Cisco network intrusion Solutions
The detection System (IDS) detector can dynamically block/avoid a compromised network node through a firewall.
AAA Support	Integrates with common identity authentication, authorization, and accounting services through tacacs+ and RADIUS support
X.509 Authentication and CRL support	Support for SCEP based registration through the leading X.509 solutions provided by Blatimore, Entrus, Microsoft and VeriSign
Integration with leading third party solutions	supports a wide range of Cisco Avvid (voice, video, and integrated Data architecture) partner solutions that provide URL filtering, content filtering, virus detection, and scalable remote management capabilities.
A powerful small office networking feature
Integrated four-port	Provides a convenient, high-speed networked environment for small office environments through a compact, structured platform
10/100 switch	Automatic Mdix support, eliminating the need to use crossover cables for devices connected to the switch
DHCP client and server side	Automatically obtain the IP address of the firewall external interface from the telecommunications service provider
Providing IP addresses for devices on the internal network of firewalls
Nat/pat Support	Provides dynamic/static network address translation (NAT) and port address translation (PAT) features
Allow multiple users to share a broadband connection using the same public IP address
Rich management capabilities
PIX Device Manager (PDM)	Intuitive, web-based GUI enables easy, secure remote management of PIX Firewalls
Provides a variety of real-time and historical data reports that contain a great deal of information to help you get a deeper understanding of usage trends, performance, and security events.
SNMP and System log support	Provides remote monitoring and logging capabilities and integrates with Cisco and third party management applications
Performance overview
Clear-Text throughput	60Mbps
Concurrent connections	7500 380/sec
56-bit DES IPSEC VPN throughput	6Mbps
168-bit 3DES IPSec VPN throughput	3Mbps
Concurrent VPN tunnels	10

PIX 506E Product Essentials and application environment

Cisco PIX 506E Firewall Application Environment

The Cisco PIX 506E Firewall is an enhanced version of the most widely used Cisco PIX 506 Firewall, providing enterprise-class security for remote offices and branches through a robust, robust security device. The Cisco PIX 506E Firewall is part of the market-leading Cisco PIX Firewall series, offering rich security features and powerful remote management capabilities through a cost-effective, high-performance solution, especially for remote/branch-Office Internet connections. The PIX 506E also offers a higher 3DES VPN performance.

Enterprise-class security for remote office/branch Environment

The Cisco PIX 506E Firewall is a security device designed for specific requirements that provides rich security services in a single device, including stateful monitoring firewalls, virtual private networks (VPNs), and intrusion prevention. Using Cisco's newest adaptive Security Algorithm (ASA) and the PIX operating system, the PIX 506E ensures that all subsequent users are secure and can help them protect against potential Internet threats. Its powerful stateful monitoring technology can track network requests from all authorized users to prevent unauthorized network access. Using the PIX 506E Flexible access control feature, administrators can also implement customized policies for network traffic through firewalls. The PIX 506E integrates seamlessly with your back-end enterprise database so that external access to network resources can be rigorously validated by directly using Tacacs/radius or indirectly using the Cisco Secure Access Control Server (ACS).

The Cisco PIX 506E firewall can also leverage its standards-based Internet Key Exchange (IKE)/IP Security (IPSEC) VPN capabilities to ensure the security of all network traffic between the remote office and the corporate network over the Internet. By encrypting data with 56-bit Data Encryption Standard (DES) or optional advanced 168-bit triple DES (3DES) encryption, you will not be able to peek into your sensitive enterprise data when it is securely transmitted across the Internet.

The Integrated Intrusion Prevention feature of the PIX 506E prevents your network from being exposed to a variety of common attacks. By looking for more than 55 different attacks "signatures," PIX can rigorously detect various attacks and can intercept them or notify you in real time.

Powerful remote management capabilities

Cisco PIX 506E is a reliable, maintainable platform that provides a variety of configuration, monitoring, and diagnostics. The scope of the PIX management solution is extensive-from an integrated, web-based management tool to a centralized, policy-based tool, as well as support for various remote monitoring protocols, such as Simple Network Management Protocol (SNMP) and system logs.

The PIX Device Manager (PDM) provides an intuitive, web-based interface for administrators so that they can easily configure and monitor a pix 506E without having to install any software on the administrator's computer (other than a standard Web browser). The command line interface (CLI) provided by the PIX 506E enables administrators to remotely configure, monitor, and diagnose pix 506E in a variety of ways, including remote login, security Interpreter (SSH), and Out-of-band access via control ports.

Main characteristics and advantages of pix506e
Enterprise-Class Security
A real security device.	The use of a dedicated, enhanced operating system eliminates the security risks of the common operating system
Cisco's quality and lack of movable components provide a highly reliable security platform.
Stateful monitoring firewall	Provides border network security to prevent unauthorized network access.
Use the latest adaptive Security Algorithm (ASA) to provide a robust stateful monitoring firewall service.
Provides flexible access control capabilities for more than 100 pre-defined applications, services, and protocols, and enables the customization of applications and services.
Includes a variety of "patches" that can be used to perceive applications to ensure the security of a variety of advanced network protocols (such as H.323, ISPs, skinny, RTSP, etc.).
Includes content filtering for Java applets and ActiveX controls.
Vpn	Support for IKE and IPSec VPN standards
Ensure data security/integrity, powerful, remote network and remote user authentication via the Internet
Supports 56-bit DES and 168-bit 3DES data encryption to ensure data security
Intrusion detection	Provides protection against more than 55 common network attacks, ranging from deformable packet attacks to denial of service (DoS) attacks.
Integrates with Cisco network intrusion Solutions
The detection System (IDS) detector can dynamically block/avoid a compromised network node through a firewall.
AAA Support	Integrates with common identity authentication, authorization, and accounting services through tacacs+ and RADIUS support
Tight integration with Cisco Secure Access control server (ACS)
X.509 Authentication and CRL support	Support for SCEP based registration through the leading X.509 solutions provided by Blatimore, Entrus, Microsoft and VeriSign
Integration with leading third party solutions	supports a wide range of Cisco Avvid (voice, video, and integrated Data architecture) partner solutions that provide URL filtering, content filtering, virus detection, and scalable remote management capabilities.
Performance overview
Clear-Text throughput	100Mbps
56-bit DES IPSEC VPN throughput	20Mbps
168-bit 3DES IPSec VPN throughput	16Mbps
Concurrent connections	25,000 700/sec
Concurrent VPN tunnels	25

PIX 515E Product Essentials and application environment

Cisco PIX 515E Firewall Application Environment

Cisco PIX 515E is an enhanced version of the widely used Cisco PIX 515 Platform, which provides industry-leading state firewalls and IP Security (IPSEC) virtual private network services. Cisco PIX 515E is designed for small and medium business and enterprise remote offices with stronger processing power and integrated, hardware-based IPSec acceleration.

Delivers more robust performance to meet high throughput security requirements

The Cisco PIX 515E multifunction stand-alone rack unit (1RU) chassis supports six interfaces, making it ideal for businesses that need a low-cost security solution with a DMZ support. As part of the world's leading Cisco PIX Firewall series, it can provide unmatched security, reliability, and performance for today's network users.

Cisco PIX 515E is a firewall device designed for specific requirements that provides unprecedented security. It is tightly integrated with the Cisco PIX operating System (OS), a dedicated, hardened system that eliminates the frequent vulnerabilities and performance losses that occur in a common operating environment.

The core of the system is a protection mechanism based on adaptive Security Algorithm (ASA), which can provide a stateful, connection-oriented firewall function while intercepting common denial of service (DoS) attacks.

Cisco PIX 515E is also a fully functional VPN gateway that securely transmits data on a public network. It enables intersite and remote access VPN applications through 56-bit Data Encryption Standard (DES) or 168-bit triple DES (3DES). Depending on the Cisco PIX 515E Model selected, the VPN feature can be provided as a service on the Cisco PIX OS, or through an integrated, hardware-based VPN Accelerator (VAC). This accelerator card provides up to 130Mbps throughput and 2000 IPSec tunnels.

Support for high availability can be achieved by deploying a redundant hot backup unit. This method of recovery can maintain concurrent connections through automatic State synchronization. This ensures that the process is maintained even in the event of a system failure, and that the entire switching process is completely transparent to the network user.

The firewall currently has a variety of models that provide different levels of interface density, failover capabilities, and VPN throughput.

Limited PIX515 model

The Cisco PIX 515E "Limited" (PIX 515e-r) model provides excellent value for businesses looking for a powerful Cisco PIX Firewall with minimal interface density and VPN throughput. It has 32MB of RAM and can support up to three 10/100 Fast Ethernet interfaces.

Unlimited PIX515 Models

The Cisco pix 515E "unlimited" (pix 515e-ur) model extends the functionality of this series through integrated, hardware-based VPN acceleration to support state failback, adding LAN interfaces, and increasing VPN throughput. It has an integrated VAC,64MB RAM that can support up to six 10/100 Fast Ethernet interfaces. Cisco PIX 515e-ur can also share state information with a hot-backed Cisco PIX Firewall to enable full firewall redundancy.

　　

Main characteristics and advantages of PIX515E
Performance overview
Clear-Text throughput	188Mbps
168-bit 3DES IPSec VPN throughput	130Mbps
Concurrent VPN tunnels	2000
Concurrent connections	130,000 5000/sec
Technical Specifications
Processor	433MHz Intel Celeron
Random Storage Memory	32MB, or 64MB SDRAM
Flash	16MB
Cache	128KB level two cache, frequency 433MHz
System bus	Single 32-bit, 33MHz pic bus
Power
Input (per power supply)
Line Voltage Range	100V to 240V AC or 48V DC
Rated line voltage	100V to 240V AC or 48V DC
Current	~1.5a
Frequency	50-60Hz, Single phase
Output
Steady state	50W
Peak	65W
Maximum Bulk heat	410btu/hours, full use (65W)
Size and weight
Height	1.72 inches (4.37 cm), 1RU
Width	16.82 inches (42.72 cm), can be installed in a standard 19-inch rack
Thickness	11.8 inches (29.97 cm)
Weight (single power supply)	~11lbs (4.11 kg)
Extended
PCI bus	Two 32-bit/33mhz PCI
Random access memory	Two 168-pin DIMM slots (Cisco PIX OS supports up to 64MB)
Interface
Integrated network interface	Two 10/100 Fast Ethernet (RJ-45)
Console port	RS-232 (RJ-45) 9600 baud
Recovery ports	RS-232 (DB-15) 115Kbps (requires Cisco-specified cable)