5-15
Cisco IOS Firewall
Chapter5 VPN and Security Products
Selected Part Numbers and Ordering Information1
For More Information
See the Cisco Secure User Registration Tool Web site:
http://www.cisco.com/go/urt
Cisco IOS FirewallThe Cisco IOS Firewall enriches Cisco IOS Software security capabilities, integrating
robust firewall functionality and intrusion detection for every network perimeter. When
combined with Cisco IOS IPSec software and other Cisco IOS Software-based
technologies such as L2TP tunneling and quality of service (QoS), it provides a
complete, integrated virtual private network solution. Because it is available for a wide
range of Cisco routers, it gives customers the flexibility to choose a solution that meets
their bandwidth, LAN/WAN density, and multiservice requirements, while benefiting
from advanced security.
When to Sell
Key Features
•Context-based access control (CBAC) provides secure, stateful, application-based
packet inspection, supporting the latest protocols and advanced applications
•Intrusion detection for real-time inline monitoring, interception, and response to
network misuse for 100 attack signatures
•Supports URL Filtering either local on the router through exclusive domains as
well as use of external Websense and N2H2 servers.
•Dynamic, per-user authentication/authorization for LAN, WAN, and VPN clients
•Authentication proxy for https, ftp and telnet connections
•Supports Security Device Manager (SDM)
•Graphical configuration and management via the VPN/Security Management
Solution (VMS) and the IP Solution Center (ISC)
•Provides strong perimeter security for a complete Cisco IOS Software-based VPN
solution, including IPSec, QoS, and tunnelling
Competitive Products
Cisco Secure User Registration Tool (URT)1
1. This is only a small subset of all parts available via URL listed under “For More Information”. Some parts have
restricted access or are not available through distribution channels.
URT-2.5-K9 Starter Kit: includes one (1) User Registration Tool 2.5 Software license, and one (1) Cisco 1101
VLAN Policy Server (VPS) appliance
URT-2.5-UP Software only; upgrades customers from URT 2.X to 2.5; includes upgrade for both URT Admin
Server and Cisco 1100 VPS appliance
URT-1101-HW-K9 Hardware Only; Cisco 1101 VPS appliance; additional appliance needed for backup, use in
distributed deployments, or deployments requiring Web logon capabilities
Sell This Product When a Customer Needs These Features
Cisco IOS Firewall • An integrated stateful firewall solution with powerful security and multiprotocol routing all on the same
platform
• Scalability options from the Cisco 800 up to the Cisco 7500 and the Catalyst 6000
• Low cost solution where high performance is not a requirement
• For secure extranet and intranet perimeters and Internet connectivity for branch and remote offices
• Secure remote access or data transfer via a Cisco IOS Software-based VPN solution
• Real-time (inline) integrated intrusion detection system (IDS) to complement firewall or existing IDS (Cisco
Secure IDS)
• Security and access to the network on a per-user basis
• Nortel: BaySecure Firewall-1 • Checkpoint, Nokia, Netscreen, etc