Chapter 3. Troubleshooting Cisco Secure PIX Firewalls


A PIX firewall falls into the category of stateful firewall. It provides security to the perimeter network by creating and maintaining the state information of connections. PIX boosts performance because its OS is embedded and runs directly from RAM for packet processing. Cisco Adaptive Security Appliance (ASA 5500 Series), is the next-generation security appliance, which runs the same OS as the PIX, but provides more security services (for example, an SSM blade for IPS, SSL VPN, and so on) than PIX Firewall. Beginning with Version 7.0, the ASA 5500 (minimum version requirement on the ASA is 7.0), and PIX platforms (running Version 7.0), provide the same firewall features. As the primary focus of this chapter is to discuss firewall features, additional services provided by the ASA 5500 (IPS, SSL, VPN, and so on) will not be discussed. The troubleshooting discussion in this chapter is based on the PIX platform, which also can be used for ASA 5500.

PIX Firewall has a very flexible and robust command-line interface (CLI) parser that is very similar to a router (in particular on PIX Version 7.0). In addition, a GUI such as Adaptive Security Device Manager or ASDM (formally known as PIX Device Manager or PDM) and a firewall management console (MC) can be used to manage the PIX firewall. Most troubleshooting, however, is performed using the CLI; hence the primary focus on the chapter is using the CLI on the new version of PIX, which is 7.0.



Cisco Network Security Troubleshooting Handbook
Cisco Network Security Troubleshooting Handbook
ISBN: 1587051893
EAN: 2147483647
Year: 2006
Pages: 190
Authors: Mynul Hoda

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net