In addition, the FWSM software
version has a different numbering train from the appliance version numbers. The latest version that is available
for the FWSM at the time of writing is version 3.x. Similar to the appliance software release, FWSM software
offers all major firewall functions and features, such as multiple security contexts (virtual firewalls), transparent
firewall (Layer 2) or routed firewall (Layer 3) operation, Application-Aware Inspection Services, Bidirectional
NAT and Policy-based NAT, and high availability and enhanced management and monitoring services. FWSM
offers several protection features to control network activity associated with specific kinds of attacks, such as
ARP Inspection, DNS Guard, Flood Defender, Unicast Reverse Path Forwarding (uRPF), Frag Guard and Virtual
Reassembly, Mail Guard, and UDP rate control.
Although the PIX/ASA OS is similar to the FWSM OS, there are some subtle differences. Many of the differences
are enhancements that take advantage of the Catalyst 6500 Series Switch and Cisco 7600 Series Router
architecture.
Note
FWSM does not provide VPN and IPS functionality. FWSM is a purpose-built firewall device. The following
separate purpose-built products are available on the Catalyst 6500 Series Switch and Cisco 7600 Series
Router: IPsec VPN Service Module (VPNSM), WebVPN Service Module, and Intrusion Detection System
Module (IDSM-2).
Pages:
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329