Packet filters ” These monitor source and destination layer 3 and 4 information with no session information and are based on ACL.
Proxy servers ” These operate as middlemen, maintaining session connections between themselves and the client and between themselves and the destination systems. They typically run on other multipurpose operating systems.
Stateful packet filters ” These monitor traffic as packet filters do; however, they record the traffic into connection and xlate tables to allow only requested traffic back into the system. The PIX uses stateful packet filters.
The Adaptive Security Algorithm controls traffic flow through the PIX firewall, performing stateful inspection of packets.
The PIX firewall supports WebSense and N2H2 content services.
The security levels include
Security Level 100 ” This is the highest level and is set on the inside (trusted) interface.
Security Level 0 ” This is the lowest level and is set on the outside (untrusted) interface.
Security Level 50 ” This typically is set on the DMZ interface and can access lower security levels but not higher security levels.
The PIX models are described in the following table.
