![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() |
This chapter provides information on the Cisco PIX Firewall. The information is organized into the following sections:
Cisco Systems' PIX Firewall provides full firewall security protection that completely conceals the architecture of an internal network from the outside world.
PIX Firewall operates on a secure real-time kernel, not UNIX, which provides another level of security. PIX Firewall provides firewall security without the administrative overhead and risks associated with UNIX-based firewall systems. The network administrator is provided with complete auditing of all transactions, including attempted break-ins. PIX Firewall offers controlled access to the Internet. Its streamlined software is scalable and simple to configure; typical configuration takes five minutes. It offers a high performance, inexpensive, and low-maintenance firewall solution that protects your internal network from unauthorized access.
PIX Firewall allows secure access to the Internet from within existing private networks. PIX Firewall utilizes a protection scheme called stateful network address translation (NAT), which shields your internal network from the Internet. Stateful means that it tracks the source and destination ports plus addresses, TCP sequence numbers, and additional TCP flags. PIX Firewall gives your organization the protection of allowing internal users access to the Internet, while protecting your internal network from unauthorized access.
The PIX Firewall also provides an additional benefit to your organization by providing the ability to expand and reconfigure TCP/IP networks without being concerned about a shortage of IP addresses. NAT makes it possible to use either existing IP addresses or the addresses set aside in the Internet Assigned Numbers Authority's (IANA's) reserve pool (RFC 1918).
Encryption is available with the Cisco PIX Firewall Private Link, a card that provides secure communication between multiple PIX Firewall systems over the Internet using the Data Encryption Standard (DES).
Figure 150 : PIX Firewall Front View
Figure 151 : PIX Firewall Rear View
PIX Firewall includes the following features:
PIX Firewall provides the following benefits:
PIX Firewall provides the following features that support adaptive security:
Table 320 : PIX Firewall Summary of Features
Description | Feature |
---|---|
Dimensions (H x W x D) | 7 x 19 x 19" (17.8 x 48.3 x 48.3 cm) |
Weight | 21 lbs (9.5 kg) |
Hardware | 19-in. rack-mount enclosure
2 Ethernet interfaces (inside and outside) DB-9 EIA/TIA-232 console interface port 3.5-in. diskette drive Lockable front panel |
Compatibility | 10BaseT, thick or thin Ethernet or 10/100 BaseT
Internet Protocol standards: IP, TCP, UDP, ICMP |
Power requirements | 115 VAC±10%, 47-63 Hz, 2.5A
230 VAC±10%, 47-63 Hz, 1.3A |
Available software sessions (based on simultaneous TCP/IP connections) | 32, 256, 1024, 4096, 16,384 |
Table 321 : PIX Firewall Environmental Specifications
Description | Specification |
---|---|
Temperature
Operating Storage |
0 to 131°F (0 to 55°C) --40 to 131°F (--40 to 55°C) |
Humidity
Operating Storage |
85% relative humidity maximum at 55°C 92% relative humidity maximum at 55°C |
Altitude
Operating Storage |
10,000' (3,048 m) 50,000' (15,240 m) |
Table 322 lists the product numbers you can use to order PIX Firewall or upgrade an existing configuration. For documentation product numbers, refer to the "Internet Products" section in the "Documentation" chapter, later in this catalog.
Table 322 : PIX Firewall Product Numbers
Description | Product Number |
---|---|
PIX Firewall | PIX |
2 Ethernet interfaces | PIX-2E |
2 Ethernet interfaces (spare) | PIX-2E= |
2 Fast Ethernet interfaces | PIX-2FE |
2 Fast Ethernet interfaces (spare) | PIX-2FE= |
Private Link Encryption | PIX-PL |
Private Link Encryption (spare) | PIX-PL= |
Standard cord options | CAB-AC
CAB-ACE CAB-ACI CAB-ACU CAB-ACA |
PIX software for 32 users | SW-PIX-32 |
PIX software for 256 users | SW-PIX-256 |
PIX software for 1024 users | SW-PIX-1024 |
PIX software for 4096 users | SW-PIX-4096 |
PIX software for 16384 users | SW-PIX-16384 |
PIX software upgrade, 32 to 256 users | SW-PIX-32-256= |
PIX software upgrade, 32 to 1024 users | SW-PIX-32-1024= |
PIX software upgrade, 32 to 4096 users | SW-PIX-32-4096= |
PIX software upgrade, 32 to 16384 users | SW-PIX-32-16384= |
PIX software upgrade, 256 to 1024 users | SW-PIX-256-1024= |
PIX software upgrade, 256 to 4096 users | SW-PIX-256-4096= |
PIX software upgrade, 256 to 16384 users | SW-PIX-256-16384= |
PIX software upgrade, 1024 to 4096 users | SW-PIX-1024-4096= |
PIX software upgrade, 1024 to 16384 users | SW-PIX-1024-16384= |
PIX software upgrade, 4096 to 16384 users | SW-PIX-4096-16384= |
PIX software version update | SW-PIX-VER= |
PIX SMARTnet maintenance | CON-SNT-PIX |
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() |
Copyright 1988-1996 © Cisco Systems Inc.