Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: PIX Vs ASA

from [Damien Dinh] Network Security [Permanent Link]
Subject: RE: PIX Vs ASA
Date: Wed, 15 Feb 2006 13:16:11 -0800 
 

Joseph,

 

It's still an ASIC architecture and it claims to do application level.
Also, if you upgrade your PIX to the 7.0 code, it's the same code they
use on the ASA.  The new hardware has an option to install an IDS(IPS)
module inside and VPN (IPSec & SSL) is integrated as well.  To me, it
looks like the same appliance.  Here's some reading:

 

Cisco:  ASA 5500
http://www.cisco.com/en/US/products/ps6120/products_data_sheet0900aecd80
28bbf6.html

1.      Stateful firewall layer 2-7/IPS:  

        *       application/protocol command filtering, protocol anomaly
detection, and application and protocol state tracking 
        *       attack detection and mitigation techniques such as
buffer overflow defenses, content filtering and verification, and URL
deobfuscation services. 
        *       content filtering and application QoS:  Web, FTP, email,
streaming voic/media, database and OS services, 3G Mobile Wireless
Services, P2P, Instant Messaging. 
        *       protocol anomaly detection, Layer 2 man-in-the-middle
attacks, IP frag and normalization, TCP stream reassembly and
normalization, antispoofing, deobfuscation. 

2.      Malware, spyware, adware, and Dos protection 
3.      VPN IPSec and SSL 

 


Recently i have seen the word ASA on cisco site and even CSPFA is

replaced by Securing Networks with PIX and ASA (SNPA). I believe that
cisco has introduced a new security >platorm called ASA. Can anyone
please explain me what it is ??....whether this ASA 5500 series is going
to replace the old PIX Firewalls in future???... 


Kindly throw some lights on the above mentioned....
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: PIX Vs ASA, Smith, Ryan
Next by Date:  Re: RE: PIX Vs ASA, Christopher Prewitt
Previous by Thread:  RE: PIX Vs ASA, Smith, Ryan
Next by Thread:  Re: PIX Vs ASA, Remo Mattei
Indexes:  [Date] [Thread] [Top] [All Lists]