Traditionally, Cisco has provided robust network security through the use of firewalls, which create a strong defense for fast-changing network deployments. The Cisco firewall family includes the following devices and solutions:
Cisco PIX Firewalls
Cisco PIX Firewalls have always played a vital role in the Cisco security strategy. The different Cisco firewall models provide security solutions for small and large enterprises. The current Cisco PIX Firewall models are as follows:
Cisco PIX 501, 506 and 506E offer a firewall solution for small office, home office (SOHO) environments. Cisco PIX 515, 515E, 525, and 535 are widely deployed in medium and large enterprises.
The Cisco FWSM is a high-speed firewall module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. It currently provides one of the fastest firewall data rates in the industry (a total of 5-Gbps throughput, 100,000 cycles per second [CPS], and 1 million concurrent connections). Additionally, you can install up to four FWSMs in a single chassis. This will scale to up to 20 Gbps per chassis.
The Cisco FWSM is designed for large enterprises and service providers. It includes virtualization services at Layer 2 and Layer 3, as well as resource management capabilities. The virtualization capability allows you to split a single Cisco FWSM into multiple logical security contexts (virtual firewalls). The concept of a Layer 2 firewall, also known as a transparent firewall, allows you to deploy the FWSM in stealth mode, in which it is not seen as an extra Layer 3 hop.
Cisco IOS Firewall
The Cisco IOS Firewall feature set is available for a wide range of Cisco IOS software-based routers. Numerous organizations deploy Cisco routers with the IOS Firewall feature set for security and policy enforcement of their intranet and extranets. Additionally, it is widely deployed to secure Internet connections on remote and branch offices.
Part I: Product Overview
Introduction to Network Security
Part II: Firewall Solution
Initial Setup and System Maintenance
Network Access Control
Authentication, Authorization, and Accounting (AAA)
Failover and Redundancy
Quality of Service
Part III: Intrusion Prevention System (IPS) Solution
Intrusion Prevention System Integration
Configuring and Troubleshooting Cisco IPS Software via CLI
Part IV: Virtual Private Network (VPN) Solution
Site-to-Site IPSec VPNs
Remote Access VPN
Public Key Infrastructure (PKI)
Part V: Adaptive Security Device Manager
Introduction to ASDM
Firewall Management Using ASDM
IPS Management Using ASDM
VPN Management Using ASDM