09-24-2001 11:13 AM - edited 02-20-2020 09:50 PM
What are some major differences between Cisco PIX and an IOS firewall? Thanks in advance.
09-27-2001 02:04 PM
The PIX and IOS firewall are similar in how they handle the traffic. The question you want to ask is do I want to take a performance hit on my router to handle firewalling? In small networks, the performance hit is negligible. In larger networks, its higher. I prefer to have a single machine (PIX) dedicated to firewalling and just let the router route.
09-28-2001 07:26 AM
I agree with the previous reply and also found this white paper by Cisco as to when to specify
the PIX box vs the router with IOS firewall feature set.
http://www.cisco.com/warp/customer/cc/pd/rt/2600/prodlit/flrrr_ov.htm
My question is, for the NIMDA worm, Cisco came out with a paper on house to use NBAR on
the router to stom NIMDA attacks. They did the same for the Code Red virus. However I did not
see how to do this same thing on the PIX box. Do you udate some signature file on the PIX
box with new attack signatures for code red and NIMDA? Did they come out with these
signatures for the PIX as quickly as they did for the firewall feature set?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide