Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
734
Views
0
Helpful
4
Replies

FWSM module VS Pix Firewall

fmatrine
Level 1
Level 1

‎10-30-2005 07:17 PM

Hi,

What is the difference between FWSM modules of 6500 switch vs PIX firewall hardware.

Also can somebody give the PRO's and CON's of both the module when positioning.

Which one is better FWSM or PIX firewall.

Regards

Deepak

Labels:
0 Helpful
4 Replies 4

jackko
Level 7
Level 7

‎10-31-2005 03:02 PM

fwsm does firewalling only; whereas pix does firewalling, vpn, and ids etc. assuming vpn/ids feature is required, then you'll need to purchase more module for the 6500.

in terms of firewalling, fwsm performance is much much better than pix (even the highest model), as fwsm provides 5.5 gbps throughput; whereas pix535 provides 1.7 gbps only.

for fwsm datasheet:

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_data_sheet0900aecd80281886.html

for pix535 datasheet:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a008007d05d.html

0 Helpful

michael_davis
Level 4
Level 4
In response to jackko

‎10-31-2005 08:55 PM

I don't know about IDS, haven't built that in either PIX nor FSWM, but the FSWM does do IPSEC/VPN as well as firewalling....

FSWM# sh ver

FWSM Firewall Version 2.3(2)

FWSM Device Manager Version 4.1(1)

Compiled on Wed 06-Apr-05 13:08 by dalecki

FSWM up 3 days 21 hours

Hardware: WS-SVC-FWM-1, 1024 MB RAM, CPU Pentium III 1000 MHz

Flash ♦2.20 TOSHIBA THNCF128MBA @ 0xc321, 20MB

0: gb-ethernet0: irq 5

1: gb-ethernet1: irq 7

2: ethernet0: irq 11

Licensed Features:

Failover: Enabled

VPN-DES: Enabled

VPN-3DES: Enabled

Maximum Interfaces: 256 (per security context)

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Throughput: Unlimited

ISAKMP peers: Unlimited

Security Contexts: 20

This machine has an Unrestricted (UR) license.

Serial Number: SAD0xxxxxxx

Running Activation Key: 0xabcdabcd 0xabcdabcd 0x12345689 0xabcdabcd

Configuration last modified by enable_15 at 22:45:43 Oct 31 2005

FSWM#

Let me know if this helps by rating the post.

Michael

0 Helpful

jackko
Level 7
Level 7
In response to michael_davis

‎10-31-2005 09:06 PM

there is another module for vpn, namely "cisco ipsec vpn services module"

http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4221/index.html

0 Helpful

michael_davis
Level 4
Level 4
In response to jackko

‎11-01-2005 07:42 AM

Ahh, I see where you're going. And I don't disagree with you, except with the statements that "FWSM does firewalling only." and that an additional module is required for VPN.

To me, it's like comparing the PIX to a VPN3000. Both support IPSEC vpns, but the choice is going to depend on scalability, managebility, client type requirements, budget, etc.

0 Helpful
Customers Also Viewed These Support Documents