Note
PIX 501 and 506E models do not support the new firewall software versions. They are capable of running
up to version 6.3 only.
Firewall Appliance OS Software
Cisco Security Appliance software for firewalls delivers the latest firewall and VPN capabilities, enhanced
performance, and security improvements, as well as a list of new features. Version 7.0 and the latest release,
version 8.0, introduce significant enhancements to all major functional areas. These areas include firewalling
and inspection services such as transparent (Layer 2) firewall or routed (Layer 3) firewall operation and multiple
security contexts (virtualized firewalls), Enhanced Interior Gateway Routing Protocol (EIGRP) support,
Application-Aware Inspection Services, enhanced VPN services, Dynamic Access Policies (DAP), browser-based
SSL VPN, network integration, high availability (Active/Active) and enhanced management and monitoring
services.
Some of the advanced features include TCP stream reassembly, which assists in detecting attacks that are
spread across multiple packets (fragmented) by reassembling packets into a full packet stream and performing
analysis on the entire stream.
Another feature, TCP normalization, provides improved techniques to detect TCP-based attacks and is designed
to drop packets that do not appear normal.
Pages:
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255