Feature |
Benefit |
Enterprise-Class
Security
|
|
Reliable, purpose-built security appliance |
¡P Uses a
proprietary, hardened operating
system that eliminates security
risks associated with general
purpose operating systems
¡P Combines Cisco
product quality with no moving
parts to provide a highly
reliable security platform
|
Stateful inspection firewall |
¡P Provides
perimeter network security to
prevent unauthorized network
access
¡P Uses
state-of-the-art Cisco Adaptive
Security Algorithm for robust
stateful inspection firewall
services
¡P Provides
flexible access-control
capabilities for over 100
predefined applications,
services and protocols, with the
ability to define custom
applications and services
¡P Simplifies
management of security policies
by giving administrators the
ability to create re-usable
network and service object
groups which can be referenced
by multiple security policies,
thus simplifying initial policy
definition and on-going policy
maintenance
|
Advanced application and protocol inspection |
¡P Integrates over
two dozen specialized inspection
engines for protocols such as
Hypertext Transfer Protocol
(HTTP), File Transfer Protocol
(FTP), Simple Mail Transfer
Protocol (SMTP), Domain Name
System (DNS), Simple Network
Management Protocol (SNMP),
SQL*Net, Network File System (NFS),
H.323 Versions 1-4, Session
Initiation Protocol (SIP), Cisco
Skinny Client Control Protocol (SCCP),
Real-Time Streaming Protocol (RTSP),
Internet Locator Service (ILS),
and many more
|
Cisco Easy VPN Remote (hardware VPN client) |
¡P Enables
dramatically simplified VPN
rollouts to small office/teleworker
environments by eliminating the
provisioning complexities of
traditional site-to-site VPN
deployments
¡P Downloads VPN
policy dynamically from a Cisco
Easy VPN Server upon connection,
ensuring the latest corporate
security policies are enforced
¡P Provides robust
client-side VPN resiliency with
support for up to 10 Cisco Easy
VPN Servers with automatic
failover, in addition to Dead
Peer Detection (DPD) support
¡P Supports
optional authentication of
individual users behind a Cisco
PIX Security Appliance through
an easy-to-use, Web-based
interface with support for
standard and one-time passwords
(including authentication
tokens)
¡P Extends VPN
reach into environments using
NAT or PAT, via support of
Internet Engineering Task Force
(IETF) UDP-based draft standard
for NAT traversal
¡P Supports both
split and non-split tunneling
environments
¡P Provides
intelligent, transparent DNS
proxy capabilities for access to
both corporate and public DNS
servers
|
Cisco Easy VPN Server |
¡P Provides remote
access VPN concentrator services
for up to 10 remote software or
hardware-based VPN clients
¡P Pushes VPN
policy dynamically to Cisco Easy
VPN Remote-enabled solutions
(such as the Cisco VPN Client)
upon connection, ensuring the
latest corporate security
policies are enforced
¡P Supports
award-winning Cisco VPN Client
on multiple platforms including
Microsoft Windows
98/ME/NT/2000XP, Sun Solaris,
Intel-based Linux distributions,
and Apple Macintosh OS X
(available separately)
|
Site-to-site VPN |
¡P Supports IKE
and IPSec VPN industry standards
¡P Extends
networks securely over the
Internet by ensuring data
privacy/integrity and strong
authentication with remote
networks
¡P Supports 56-bit
DES, 168-bit 3DES, and up to
256-bit AES data encryption to
ensure data privacy
|
Intrusion prevention |
¡P Provides
protection from over 55
different types of popular
network-based attacks ranging
from malformed packet attacks to
denial-of-service (DoS) attacks
¡P Integrates with
Cisco Network Intrusion
Detection System (IDS) sensors
to identify and dynamically
block/shun hostile network nodes
|
Authentication, authorization, and accounting (AAA) support |
¡P Integrates with
popular AAA services via TACACS+
and RADIUS
¡P Provides tight
integration with Cisco Secure
Access Control Server (ACS) for
user/administrator
authentication, dynamic
per-user/group policies, and
administrator access privileges
|
X.509 certificate and CRL support |
¡P Supports SCEP-based
enrollment with leading X.509
solutions from Baltimore,
Entrust, Microsoft, and VeriSign
|
Integration with leading third-party solutions |
¡P Supports the
broad range of Cisco AVVID
(Architecture for Voice, Video
and Integrated Data) partner
solutions that provide URL
filtering, content filtering,
virus protection, scalable
remote management, and more
|
Integrated security lock slot |
¡P Provides
ability to physically secure the
Cisco PIX 501 Security Appliance
using a standard notebook
security cable lock (lock not
included)
|
Industry certifications and evaluations |
¡P Earned numerous
leading industry certifications
and evaluations, including:
¡P Common Criteria
Evaluated Assurance Level 4
(EAL4)
¡P
ICSA Labs
Firewall 4.0 Certification,
Corporate RSSP Category
|
Robust Small
Office Networking
|
|
Integrated 4-port 10/100 switch |
¡P Provides
convenient, high-speed
networking environment for small
office environments in a single
compact platform
¡P Auto-MDIX
support eliminates the need to
use crossover cables with
devices connected to the switch
|
DHCP client/server |
¡P Obtains IP
address for outside interface of
appliance automatically from
service provider
¡P Provides IP
addresses to devices on inside
network of the appliance
¡P Delivers "zero
touch provisioning" of Cisco IP
Phones via automated
bootstrapping of CallManager
contact information through DHCP
server extensions
|
DHCP relay |
¡P Forwards DHCP
requests from internal devices
to an administrator-specified
DHCP server, enabling
centralized distribution,
tracking and maintenance of IP
addresses
|
NAT/PAT support |
¡P Provides
dynamic, static, and
policy-based NAT, as well as PAT
services
¡P Allows multiple
users to share a single
broadband connection using a
single public IP address
|
PAT for IPSec |
¡P Supports IPSec
passthrough services, enabling a
single device behind the Cisco
PIX Security Appliance to
establish a VPN tunnel through
the firewall to a VPN peer
|
PPPoE support |
¡P Ensures
compatibility with networks that
require PPP over Ethernet
(PPPoE) support
|
Rich Management
Capabilities
|
|
CiscoWorks VMS |
¡P Provides a
comprehensive management suite
for large scale Cisco security
product deployments
¡P Integrates
policy management, software
maintenance, and security
monitoring in a single
management console
|
Cisco PIX Device Manager (PDM) |
¡P Intuitive,
Web-based GUI enables simple,
secure remote management of
Cisco PIX Security Appliances
¡P Provides wide
range of informative, real-time,
and historical reports which
give critical insight into usage
trends, performance baselines,
and security events
|
Auto Update |
¡P Provides "touchless"
secure remote management of
Cisco PIX Security Appliance
configuration and software
images via a unique push/pull
management model
¡P Next-generation
secure XML/HTTPS management
interface can be leveraged by
Cisco and third party management
applications for remote Cisco
PIX Security Appliance
configuration management,
inventory, software image
management/deployment, and
monitoring
¡P Supports
dynamically addressed appliances
in addition to firewalls with
static IP addresses
¡P Integrates
seamlessly with Management
Center for Firewalls and Auto
Update Server for robust,
scalable remote management of up
to 1000 Cisco PIX Security
Appliances (per management
server)
|
Cisco PIX command-line interface |
¡P Allows
customers to use existing Cisco
IOS CLI knowledge for easy
installation and management with
little additional training
needed
¡P Accessible
through variety of methods
including console port, Telnet,
and SSH
|
Command-level authorization |
¡P Gives
businesses the ability to create
up to 16 customizable
administrative roles/profiles
for managing a Cisco PIX
Security Appliance (for example,
monitoring only, read-only
access to configuration, VPN
administrator, firewall/NAT
administrator, etc.)
¡P Leverages
either the internal
administrator database or
outside sources via TACACS+,
such as Cisco Secure Access
Control Server (ACS)
|
SNMP and syslog support |
¡P Provide remote
monitoring and logging
capabilities, with integration
into Cisco and third-party
management applications
|
¡@
Software Licenses
10-User License
50-User License
Unlimited User License
3DES/AES and DES Encryption Licenses
Performance Summary
Technical Specifications
Environmental Operating Ranges
Operating
Nonoperating
Power
Input
Output
Physical Specifications
Dimensions and Weight Specifications
Interfaces
Regulatory and Standards Compliance
Regulatory Compliance
Safety
Electromagnetic Compatibility (EMC)
PRODUCT ORDERING INFORMATION
Table 2. Ordering Information
Product Number |
Product Description |
PIX-501
|
Cisco PIX 501 chassis, software, 10-user license, integrated 4-port 10/100 switch and 10/100 port |
PIX-501-BUN-K9
|
Cisco PIX 501 10-user bundle (chassis, latest PIX software, 10-user and 3DES licenses, integrated 4-port 10/100 switch and 10/100 port) |
PIX-501-50-BUN-K9
|
Cisco PIX 501 50-user bundle (chassis, latest PIX software, 50-user and 3DES licenses, integrated 4-port 10/100 switch and 10/100 port) |
PIX-501-UL-BUN-K9
|
Cisco PIX 501 unlimited user bundle (chassis, latest PIX software, unlimited user and 3DES licenses, integrated 4-port 10/100 switch and 10/100 port) |
PIX-501-SW-10
|
10-user license for Cisco PIX 501 |
PIX-501-SW-50
|
50-user license for Cisco PIX 501 |
PIX-501-SW-UL
|
Unlimited user license for Cisco PIX 501 |
PIX-501-SW-10-50=
|
10-to-50 user upgrade license for Cisco PIX 501 |
PIX-501-SW-10-UL=
|
10-to-unlimited user upgrade license for Cisco PIX 501 (requires Cisco PIX Security Appliance Software Version 6.3) |
PIX-501-SW-50-UL=
|
50-to-unlimited user upgrade license for Cisco PIX 501 (requires Cisco PIX Security Appliance Software Version 6.3) |
PIX-501-PWR-AC=
|
Spare AC power supply for Cisco PIX 501 |
PIX-VPN-DES
|
Cisco PIX DES VPN/SSH/SSL encryption license |
PIX-501-VPN-3DES
|
Cisco PIX 501 3DES/AES VPN/SSH/SSL encryption license |
¡@
SUPPORT SERVICES
SUPPORT ORDERING INFORMATION
Table 3. Cisco SMARTnet Ordering Information
Product Number |
Product Description |
CON-SNT-PIX501-10
|
SMARTnet 8x5xNBD service for PIX 501 10-user bundle |
CON-SNTE-PIX501-10
|
SMARTnet 8x5x4 service for PIX 501 10-user bundle |
CON-SNTP-PIX501-10
|
SMARTnet 24x7x4 service for PIX 501 10-user bundle |
CON-S2P-PIX501-10
|
SMARTnet 24x7x2 service for PIX 501 10-user bundle |
CON-SNT-PIX501-50
|
SMARTnet 8x5xNBD service for PIX 501 50-user bundle |
CON-SNTE-PIX501-50
|
SMARTnet 8x5x4 service for PIX 501 50-user bundle |
CON-SNTP-PIX501-50
|
SMARTnet 24x7x4 service for PIX 501 50-user bundle |
CON-S2P-PIX501-50
|
SMARTnet 24x7x2 service for PIX 501 50-user bundle |
CON-SNT-PIX501UL
|
SMARTnet 8x5xNBD service for PIX 501 Unlimited-user bundle |
CON-SNTE-PIX501UL
|
SMARTnet 8x5x4 service for PIX 501 Unlimited-user bundle |
CON-SNTP-PIX501UL
|
SMARTnet 24x7x4 service for PIX 501 Unlimited-user bundle |
CON-S2P-PIX501UL
|
SMARTnet 24x7x2 service for PIX 501 Unlimited-user bundle |
CON-SNT-PIX501
|
SMARTnet 8x5xNBD service for PIX 501 configurable chassis |
CON-SNTE-PIX501
|
SMARTnet 8x5x4 service for PIX 501 configurable chassis |
CON-SNTP-PIX501
|
SMARTnet 24x7x4 service for PIX 501 configurable chassis |
CON-S2P-PIX501
|
SMARTnet 24x7x2 service for PIX 501 configurable chassis |