Back to: Network Peripherals

Cisco PIX 501

Print
Cisco PIX 501
Article Number: 001580
Cisco PIX 501
Description

Feature

Benefit

Enterprise-Class Security

Reliable, purpose-built security appliance

• Uses a proprietary, hardened operating system that eliminates security risks associated with general purpose operating systems
• Combines Cisco product quality with no moving parts to provide a highly reliable security platform

Stateful inspection firewall

• Provides perimeter network security to prevent unauthorized network access
• Uses state-of-the-art Cisco Adaptive Security Algorithm for robust stateful inspection firewall services
• Provides flexible access-control capabilities for over 100 predefined applications, services and protocols, with the ability to define custom applications and services
• Simplifies management of security policies by giving administrators the ability to create re-usable network and service object groups which can be referenced by multiple security policies, thus simplifying initial policy definition and on-going policy maintenance

Advanced application and protocol inspection

• Integrates over two dozen specialized inspection engines for protocols such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Domain Name System (DNS), Simple Network Management Protocol (SNMP), SQL*Net, Network File System (NFS), H.323 Versions 1-4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), Internet Locator Service (ILS), and many more

Cisco Easy VPN Remote (hardware VPN client)

• Enables dramatically simplified VPN rollouts to small office/teleworker environments by eliminating the provisioning complexities of traditional site-to-site VPN deployments
• Downloads VPN policy dynamically from a Cisco Easy VPN Server upon connection, ensuring the latest corporate security policies are enforced
• Provides robust client-side VPN resiliency with support for up to 10 Cisco Easy VPN Servers with automatic failover, in addition to Dead Peer Detection (DPD) support
• Supports optional authentication of individual users behind a Cisco PIX Security Appliance through an easy-to-use, Web-based interface with support for standard and one-time passwords (including authentication tokens)
• Extends VPN reach into environments using NAT or PAT, via support of Internet Engineering Task Force (IETF) UDP-based draft standard for NAT traversal
• Supports both split and non-split tunneling environments
• Provides intelligent, transparent DNS proxy capabilities for access to both corporate and public DNS servers

Cisco Easy VPN Server

• Provides remote access VPN concentrator services for up to 10 remote software or hardware-based VPN clients
• Pushes VPN policy dynamically to Cisco Easy VPN Remote-enabled solutions (such as the Cisco VPN Client) upon connection, ensuring the latest corporate security policies are enforced
• Supports award-winning Cisco VPN Client on multiple platforms including Microsoft Windows 98/ME/NT/2000XP, Sun Solaris, Intel-based Linux distributions, and Apple Macintosh OS X (available separately)

Site-to-site VPN

• Supports IKE and IPSec VPN industry standards
• Extends networks securely over the Internet by ensuring data privacy/integrity and strong authentication with remote networks
• Supports 56-bit DES, 168-bit 3DES, and up to 256-bit AES data encryption to ensure data privacy

Intrusion prevention

• Provides protection from over 55 different types of popular network-based attacks ranging from malformed packet attacks to denial-of-service (DoS) attacks
• Integrates with Cisco Network Intrusion Detection System (IDS) sensors to identify and dynamically block/shun hostile network nodes

Authentication, authorization, and accounting (AAA) support

• Integrates with popular AAA services via TACACS+ and RADIUS
• Provides tight integration with Cisco Secure Access Control Server (ACS) for user/administrator authentication, dynamic per-user/group policies, and administrator access privileges

X.509 certificate and CRL support

• Supports SCEP-based enrollment with leading X.509 solutions from Baltimore, Entrust, Microsoft, and VeriSign

Integration with leading third-party solutions

• Supports the broad range of Cisco AVVID (Architecture for Voice, Video and Integrated Data) partner solutions that provide URL filtering, content filtering, virus protection, scalable remote management, and more

Integrated security lock slot

• Provides ability to physically secure the Cisco PIX 501 Security Appliance using a standard notebook security cable lock (lock not included)

Industry certifications and evaluations

• Earned numerous leading industry certifications and evaluations, including:
• Common Criteria Evaluated Assurance Level 4 (EAL4)
• FIPS 140-2, Level 2 Validation

Robust Small Office Networking

Integrated 4-port 10/100 switch

• Provides convenient, high-speed networking environment for small office environments in a single compact platform
• Auto-MDIX support eliminates the need to use crossover cables with devices connected to the switch

DHCP client/server

• Obtains IP address for outside interface of appliance automatically from service provider
• Provides IP addresses to devices on inside network of the appliance
• Delivers "zero touch provisioning" of Cisco IP Phones via automated bootstrapping of CallManager contact information through DHCP server extensions

DHCP relay

• Forwards DHCP requests from internal devices to an administrator-specified DHCP server, enabling centralized distribution, tracking and maintenance of IP addresses

NAT/PAT support

• Provides dynamic, static, and policy-based NAT, as well as PAT services
• Allows multiple users to share a single broadband connection using a single public IP address

PAT for IPSec

• Supports IPSec passthrough services, enabling a single device behind the Cisco PIX Security Appliance to establish a VPN tunnel through the firewall to a VPN peer

PPPoE support

• Ensures compatibility with networks that require PPP over Ethernet (PPPoE) support

Rich Management Capabilities

CiscoWorks VMS

• Provides a comprehensive management suite for large scale Cisco security product deployments
• Integrates policy management, software maintenance, and security monitoring in a single management console

Cisco PIX Device Manager (PDM)

• Intuitive, Web-based GUI enables simple, secure remote management of Cisco PIX Security Appliances
• Provides wide range of informative, real-time, and historical reports which give critical insight into usage trends, performance baselines, and security events

Auto Update

• Provides "touchless" secure remote management of Cisco PIX Security Appliance configuration and software images via a unique push/pull management model
• Next-generation secure XML/HTTPS management interface can be leveraged by Cisco and third party management applications for remote Cisco PIX Security Appliance configuration management, inventory, software image management/deployment, and monitoring
• Supports dynamically addressed appliances in addition to firewalls with static IP addresses
• Integrates seamlessly with Management Center for Firewalls and Auto Update Server for robust, scalable remote management of up to 1000 Cisco PIX Security Appliances (per management server)

Cisco PIX command-line interface

• Allows customers to use existing Cisco IOS CLI knowledge for easy installation and management with little additional training needed
• Accessible through variety of methods including console port, Telnet, and SSH

Command-level authorization

• Gives businesses the ability to create up to 16 customizable administrative roles/profiles for managing a Cisco PIX S