
PIX vs Router Security

whinkle
Level 1

Hello:

This is going to sound like a naive question, but what are the fundamental security differences between a Cisco router and Pix?

Thanks,

W

2 Replies

Patrick Iseli
Level 7

No big difference between IOS Firewall (Router) and PIX Firewall!

- PIX and IOS FW (Router) are stateful firewalls, so there is no difference.

- IOS Firewall supports a full range of interfaces which the PIX does not, e.g. ADSL, Serial.

- IOS Firewall has more Routing protocol support.

- IOS FW supports QOS which is currently not available for the PIX.

- The IOS Firewall is more of an edge firewall to the Internet; see the design fundamentals in the SAFE Blueprint.

http://www.cisco.com/go/safe

- Both have minimal IDS functionality, have spoofing prevention and help against SYN floods ....

I think there are a lot of different opinions around about this topic.

From a security perspective there is no big difference if both are configured correctly.

Definition in SAFE Blueprint is:

At many points in the network design process, an enterprise will need to choose between a network device with integrated functions and a specialized functional appliance. Integrated functioning is attractive because you can implement it on existing equipment, the features can interoperate with the rest of the device to provide a better functional solution, or the features can be deployed incrementally to facilitate increased bandwidth requirements. Appliances are often used when the depth of capability required is advanced or when performance needs require using specialized hardware (see Appendix D for information regarding integrated security blades for Layer 3 switches versus appliances). Decisions should be based on the capacity and capability of the appliance, not the integration advantage of the device. For example, sometimes you can choose an integrated higher-capacity router operating Cisco IOS® Software with the firewall feature, as opposed to a smaller Cisco IOS Software-based router with a separate firewall device. Throughout this architecture, both types of systems are used. Historically, most critical security functions have migrated toward dedicated appliances because of the performance requirements of large enterprise networks. Recently, however, integrated equipment has become much more attractive because of performance and capability enhancements. A security specialist now has more viable options when choosing between security appliances and integrated devices.

sincerely

Patrick

Don't think the diff. between router vs. PIX is that big, besides that you get much more hardware in a PIX, raw power, than in a router per $.

NAT 1:1 with 1000 clients in a NAT pool will need a 71xx router, which costs much more than a PIX.
