Cisco Systems Cisco PIX 500 manual Product Specifications

Page 4

Upsell Guide—

Migrating Cisco PIX Requests to Cisco ASA 5500 Sales

At-A-Glance

 

ASA5520-SSL500-K9

6621351

Cisco ASA 5520 SSL/IPsec VPN Edition, 750 IPsec VPN and 500 SSL VPN peers, firewall services, 4 Gigabit Ethernet ports, 1 Fast Ethernet interface

 

 

 

 

 

ASA5540-K8

6605511

Cisco ASA 5540 Firewall Edition, 4 Gigabit Ethernet ports + 1 Fast Ethernet interface, 5000 IPsec VPN and 2 SSL VPN peers, DES

 

 

 

 

 

ASA5540-BUN-K9

5822783

Cisco ASA 5540 Firewall Edition, 4 Gigabit Ethernet ports + 1 Fast Ethernet interface, 5000 IPsec VPN and 2 SSL VPN peers, 3DES/AES

 

 

 

 

 

ASA5540-AIP20-K9

5822804

Cisco ASA 5540 IPS Edition, AIP-SSM-20 module, Firewall services, 5000 IPsec VPN and 2 SSL VPN peers, 4 Gigabit Ethernet ports, 1 Fast Ethernet interface

 

 

 

 

 

ASA5540-SSL1000-K9

6653547

Cisco ASA 5540 SSL/IPsec VPN Edition, 5000 IPsec VPN and 1000 SSL VPN peers, firewall services, 4 Gigabit Ethernet ports, 1 Fast Ethernet interface

 

 

 

 

 

ASA5540-SSL2500-K9

6653555

Cisco ASA 5540 SSL/IPsec VPN Edition, 5000 IPsec VPN and 2500 SSL VPN peers, firewall services, 4 Gigabit Ethernet ports, 1 Fast Ethernet interface

 

 

 

 

Cisco PIX 535

ASA5550-K8

6772781

Cisco ASA 5550 Firewall Edition, 8 Gigabit Ethernet ports + 1 Fast Ethernet interface, 4 Gigabit SFP ports, 5000 IPsec VPN and 2 SSL VPN peers, DES

 

 

 

 

 

ASA5550-BUN-K9

6772802

Cisco ASA 5550 Firewall Edition, 8 Gigabit Ethernet ports + 1 Fast Ethernet interface, 4 Gigabit SFP ports, 5000 IPsec VPN and 2 SSL VPN peers, 3DES/AES

 

 

 

 

 

ASA5550-SSL2500-K9

6772811

Cisco ASA 5550 SSL/IPsec VPN Edition, 5000 IPsec VPN and 2500 SSL VPN peers, firewall services, 8 Gigabit Ethernet ports, 1 Fast Ethernet interface

 

 

 

 

 

ASA5550-SSL5000-K9

6772829

Cisco ASA 5550 SSL/IPsec VPN Edition, 5000 IPsec VPN and 5000 SSL VPN peers, firewall services, 8 Gigabit Ethernet ports, 1 Fast Ethernet interface

 

 

 

 

Product Specifications

ACRONYMS

SSC: Security Services Card, SSM: Security Services Module, AIP-SSM:Advanced Inspection and Prevention Security Services Module, CSC-SSM:Content Security and Control Security Services Module, 4GE-SSM:4 Gigabit Ethernet Security Services Module

 

Cisco ASA 5505

Cisco ASA 5510

Cisco ASA 5520

Cisco ASA 5540

Cisco ASA 5550

 

 

 

 

 

 

Users and nodes

10, 50, or unlimited

Unlimited

Unlimited

Unlimited

Unlimited

 

 

 

 

 

 

Firewall throughput

Up to 150 Mbps

Up to 300 Mbps

Up to 450 Mbps

Up to 650 Mbps

Up to 1.2 Gbps

 

 

 

 

 

 

Concurrent threat

Not available

Up to 150 Mbps with Cisco ASA

Up to 225 Mbps with AIP-SSM-10;

Up to 450 Mbps with AIP-SSM-20

Not available

mitigation throughput

 

5500 Series Advanced Inspection

Up to 375 Mbps with AIP-SSM-20

 

 

(firewall + IPS services)

 

and Prevention Security Services

 

 

 

 

 

Module (AIP SSM) 10 (part number

 

 

 

 

 

AIP-SSM-10); Up to 300 Mbps with

 

 

 

 

 

Cisco ASA 5500 Series AIP SSM 20

 

 

 

 

 

(part number AIP-SSM-20)

 

 

 

 

 

 

 

 

 

3DES/AES VPN throughput

Up to 100 Mbps

Up to 170 Mbps

Up to 225 Mbps

Up to 325 Mbps

Up to 360 Mbps

 

 

 

 

 

 

IPsec VPN peers

10; 25*

250

750

5000

5000

 

 

 

 

 

 

SSL VPN peers*

2/25

2/250

2/750

2/2500

2/5000

(included/maximum)

 

 

 

 

 

 

 

 

 

 

 

Concurrent sessions

10,000; 25,000*

50,000; 130,000*

280,000

400,000

650,000

 

 

 

 

 

 

New sessions per second

3,000

6,000

9,000

20,000

28,000

 

 

 

 

 

 

Integrated network ports

8-port Fast Ethernet switch

5 Fast Ethernet ports

4 Gigabit Ethernet ports plus

4 Gigabit Ethernet ports plus

8 Gigabit Ethernet ports, SFP fiber,

 

(including 2 PoE ports)

 

1 Fast Ethernet port

1 Fast Ethernet port

and 1 Fast Ethernet port

 

 

 

 

 

 

Virtual interfaces (VLANs)

3 (trunking disabled) /

50/100 *

150

200

250

 

20* (trunking enabled)

 

 

 

 

 

 

 

 

 

 

Security contexts

0/0

0/0 (Base); 2/5 (Security Plus)

2/20

2/50

2/50

(included/maximum)

 

 

 

 

 

 

 

 

 

 

 

High availability

Not supported;

Not supported; Active/Active and

Active/Active and Active/Standby

Active/Active and Active/Standby

Active/Active and Active/Standby

 

stateless Active/Standby*

Active/Standby*

 

 

 

 

 

 

 

 

 

Expansion slot

1, SSC

1, SSM

1, SSM

1, SSM

0

 

 

 

 

 

 

*Available through an upgrade license

Copyright © 2007 Cisco Systems, Inc. All rights reserved. Cisco, Cisco IOS, Cisco Systems, and the Cisco Systems logo are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

C45-388594-00 01/07

Image 4
Contents Cisco ASA 5500 Benefits over Cisco PIX Cisco PIX Upsell to Cisco ASA 5500 Series Cisco PIX 515E End of Life asActive/Standby high availability, DES JuneProduct Specifications

Cisco PIX 500 specifications

Cisco Systems, a leader in networking and cybersecurity solutions, introduced the Cisco PIX 500 series as a robust firewall appliance designed to protect networks from a multitude of threats. Originally launched in the late 1990s, the PIX (Private Internet eXchange) series became a cornerstone for organizations seeking reliable security for their internal and external networks.

One of the main features of the Cisco PIX 500 is its stateful inspection firewall capability. Unlike traditional packet filters, the stateful inspection technology examines active connections and maintains a table of open sessions, allowing only legitimate traffic that matches existing sessions. This provides a more comprehensive defense mechanism against unauthorized access attempts.

The PIX 500 supports an array of network protocols, including TCP/IP, UDP, ICMP, and more, granting it high versatility in diverse networking environments. It is designed to operate seamlessly inline with existing network infrastructure, thus minimizing downtime during deployment. The entire series is also equipped with multiple interfaces that support both Ethernet and serial connections, enabling connectivity to a wide range of device types.

Scalability is another hallmark of the Cisco PIX 500 series. It comes in various models catering to different sizes of organizations, from small businesses to large enterprises. These models allow for increasing throughput, user capacity, and additional features such as Virtual Private Network (VPN) capabilities, which facilitate secure remote access for users working off-site.

The PIX 500 series also features advanced security technologies, such as Network Address Translation (NAT), which helps to hide internal IP addresses and provides an additional layer of anonymity for connected devices. Furthermore, with integrated VPN support, the PIX allows for secure tunneling of data across the Internet, combining encryption and user authentication to protect sensitive information.

Security management of the PIX 500 is facilitated through the use of Cisco's command-line interface (CLI), and later models introduced web-based management interfaces for easier administration. Alongside logging and reporting capabilities, the PIX enables network administrators to monitor traffic patterns and identify potential security breaches in real-time.

Overall, the Cisco PIX 500 series was an iconic product that laid the foundation for modern firewall solutions, offering essential features and capabilities that addressed the evolving security challenges of network environments. Its commitment to security, coupled with user-friendly management options, made it a trusted choice for organizations worldwide seeking to protect their digital assets. Even though the PIX series has been ultimately succeeded by next-generation firewalls, its legacy remains influential in the realm of network security.