Introduction

Cisco PIX Firewall 525 Unrestricted Bundle

The Cisco PIX 525 Security Appliance delivers enterprise-class security for medium-to-large enterprise networks in a reliable, purpose-built appliance. Its modular two-rack unit (2RU) design supports up to eight 10/100 Fast Ethernet interfaces or three Gigabit Ethernet interfaces, making it an ideal choice for businesses requiring a resilient, high performance, Gigabit Ethernet-ready solution that provides solid investment protection. Part of the world-leading Cisco PIX Security Appliance Series, the Cisco PIX 525 Security Appliance provides a wide range of rich integrated security services, hardware VPN acceleration capabilities, and powerful remote management capabilities in a cost-effective, highly-resilient solution.

Cisco PIX 525 Security Appliance Unrestricted Bundle includes Unrestricted Software that extends the capabilities of the product with support for stateful failover, additional LAN interfaces, and increased VPN throughput via integrated hardware-based VPN acceleration.

Features

True security appliance
Uses a proprietary, hardened operating system that eliminates security risks associated with general purpose operating systems
Cisco quality and no moving parts provide a highly reliable security platform

Stateful inspection firewall
Provides perimeter network security to prevent unauthorized network access
Uses state-of-the-art Cisco ASA for robust stateful inspection firewall services
Provides flexible access-control capabilities for over 100 predefined applications, services and protocols, with the ability to define custom applications and services
Includes numerous application-aware inspection engines that secure advanced networking protocols such as H.323 Version 4, Session Initiation Protocol (SIP), Cisco Skinny Client Control Protocol (SCCP), Real-Time Streaming Protocol (RTSP), Internet Locator Service (ILS), and more
Includes content filtering for Java and ActiveX applets

Easy VPN Server
Provides remote access VPN concentrator services for a wide variety of Cisco software or hardware-based VPN clients
Pushes VPN policy dynamically to Cisco Easy VPN Remote-enabled solutions upon connection, ensuring the latest corporate security policies are enforced
Extends VPN reach into environments using Network Address Translation (NAT) or Port Address Translation (PAT), via support of Internet Engineering Task Force (IETF) UDP-based draft standard for NAT traversal

Site-to-site VPN
Supports IKE and IPsec VPN standards
Ensures data privacy/integrity and strong authentication to remote networks and remote users over the Internet
Supports 56-bit DES, 168-bit 3DES and up to 256-bit AES data encryption to ensure data privacy

Intrusion protection
Provides protection from over 55 different types of popular network-based attacks ranging from malformed packet attacks to DoS attacks
Integrates with Cisco Network Intrusion Detection System (IDS) sensors for the ability to dynamically block/shun hostile network nodes via the firewall

AAA support
Integrates with popular authentication, authorization, and accounting services via TACACS+ and RADIUS support
Provides tight integration with Cisco Secure Access Control Server (ACS)

X.509 certificate and CRL support
Supports SCEP-based enrollment with leading X.509 solutions from Baltimore, Entrust, Microsoft, and VeriSign

Integration with leading third-party solutions
Supports the broad range of Cisco AVVID (Architecture for Voice, Video and Integrated Data) partner solutions that provide URL filtering, content filtering, virus protection, scalable remote management, and more

Virtual LAN (VLAN)-based virtual interfaces
Provides increased flexibility when defining security policies and eases overall integration into switched network environments by supporting the creation of logical interfaces based on IEEE 802.1q VLAN tags, and the creation of security policies based on these virtual interfaces
Supports multiple virtual interfaces on a single physical interface through VLAN trunking
Supports multiple VLAN trunks per Cisco PIX Security Appliance
Supports up to 10 VLANs on Cisco PIX 525 Security Appliances

Open Shortest Path First (OSPF) dynamic routing
Provides comprehensive OSPF dynamic routing services using technology based on world-renowned Cisco IOS Software
Offers improved network reliability through fast route convergence and secure, efficient route distribution
Delivers a secure routing solution in environments using NAT through tight integration with Cisco PIX Security Appliance NAT services
Supports MD5-based OSPF authentication, in addition to plaintext OSPF authentication, to prevent route spoofing and various routing-based DoS attacks
Provides route redistribution between OSPF processes, including OSPF, static, and connected routes
Supports load balancing across equal-cost multipath routes

DHCP server
Provides DHCP Server services one or more interfaces for devices to obtain IP addresses dynamically
Includes extensions for support of Cisco IP Phones and Cisco SoftPhone IP telephony solutions

DHCP relay
Forwards DHCP requests from internal devices to an administrator-specified DHCP server, enabling centralized distribution, tracking, and maintenance of IP addresses

NAT/PAT support
Provides rich dynamic/static NAT and PAT capabilities

CiscoWorks VPN/Security Management Solution (CiscoWorks VMS)
Comprehensive management suite for large scale deployments
Integrates policy management, software maintenance, and security monitoring

PIX Device Manager (PDM)
Intuitive, Web-based GUI enables simple, secure remote management of Cisco PIX Security Appliances
Provides wide range of informative, real-time, and historical reports which give critical insight into usage trends, performance baselines, and security events

Auto Update
Provides "touchless" secure remote management of Cisco PIX Security Appliance configuration and software images via a unique push/pull management model
Next-generation secure XML/HTTPS management interface can be leveraged by Cisco and third-party management applications for remote Cisco PIX Security Appliance configuration management, inventory, software image management/deployment and monitoring
Integrates seamlessly with CiscoWorks Management Center for Firewalls and Auto Update Server for robust, scalable remote management of up to 1000 Cisco PIX Security Appliances (per management server)

Cisco PIX CLI
Allows customers to use existing PIX CLI knowledge for easy installation and management without additional training
Accessible through variety of methods including console port, Telnet, and SSH

Command-level authorization
Enables businesses to create up to 16 customizable administrative roles/profiles for accessing Cisco PIX Security Appliances (for example, monitoring only, read-only access to configuration, VPN administrator, firewall/NAT administrator, and so on)
Leverages either the internal administrator database or outside sources via TACACS+, such as Cisco Secure ACS

SNMP and syslog support
Provide remote monitoring and logging capabilities, with integration into Cisco and third-party management applications

Specifications

Photos