思科防火墙产品介绍

©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-1CiscoPIX防火墙产品和ASA防火墙©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-2思科防火墙产品型号和特性©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-3SMB价格Functionality千兆以太网PIX防火墙产品EnterpriseROBOPIXFirewall515EPIXFirewall525PIXFirewall535SOHOPIXFirewall501PIXFirewall506ESP©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-4SMB价格Functionality千兆以太网ASA自适应安全产品EnterpriseROBOSOHOSPASA5520ASA5540ASA5510ASA5550©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-5CiscoPIX防火墙501•应用在小型办公室•同时支持7500个连接•60-Mbps吞吐量•支持的端口–支持一个10/100BASE-T*以太网端口(outside)–四个10/100交换端口(inside)•VPN吞吐量–3-Mbps3DES–4.5-Mbps128-bitAES•同时支持10个VPNpeers*100BASE-T速率在6.3版本后才能使用.©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-6VPNTUNNELPOWER100MBPSLINK/ACTPIX防火墙501:前面板指示灯©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-7PIX防火墙501:后面板SecurityLockSlotPowerConnector10/100BASE-T(RJ-45)ConsolePort(RJ-45)Four-Port10/100Switch(RJ-45)©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-8PIX防火墙506E•使用远端办公或者小型－中型企业•能同时提供25,000个连接•提供100-Mbpscleartext吞吐量•支持两个端口–10/100BASE-T*–两个VLANs*•提供VPN吞吐量–17-Mbps3DES–30-Mbps128-bitAES•同时支持25个VPNpeers*100BASE-T速率在6.3版本后才能使用..两个VLANs在6.3(4)版本后支持.©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-9PIX防火墙506E:前面板指示灯NETWORKACTPOWERLED©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-10PIX防火墙506E:后面板LINKLEDConsolePort(RJ-45)电源开关ACTLED10/100BASE-T(RJ-45)10/100BASE-T(RJ-45)ACTLEDLINKLEDUSBPort©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-11PIX防火墙515E•小型或者中等企业用户使用•能提供130,000连接•提高190-Mbpscleartext吞吐量•接口支持–最多六个10/100快速以太网口–最多支持25VLANs–最多支持5个虚拟防火墙•支持failover–Active/standby–Active/active•支持VPNs(2,000tunnels)–Sitetosite–远程访问©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-12PIX防火墙515E:前面板指示灯NETWORKPOWERACT©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-13PIX防火墙515E:后面板扩展插槽固定接口©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-14PIX防火墙515E:固定接口FailoverConnectorFDXLEDLinkLED100MbpsLEDFDXLEDCONSOLEPort(RJ-45)10/100BASE-TETHERNET1(RJ-45)PowerSwitchLINKLED100MbpsLED10/100BASE-TXETHERNET0(RJ-45)LinkLED©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-15PIX防火墙515E:扩展插槽可选的板卡VACVAC+4FE-66快速以太网卡VPN加速卡1FE扩展插槽©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-16PIX防火墙515E:快速以太网卡端口编号•PIX防火墙515E可选板卡需要URlicense.单口板卡四口板卡©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-17PIX防火墙525•大型企业用户使用•提供280,000个连接•提供330-Mbpscleartext吞吐量•端口支持–最多1010/100以太网口–最多100个VLANs–最多支持50个虚拟防火墙•支持failover–Active/standby–Active/active•支持VPNs(2,000tunnels)–Sitetosite–Remoteaccess©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-18PIX防火墙525:前面板指示灯电源ACT©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-19PIX防火墙525:后面板扩展插槽固定接口©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-20PIX防火墙525:固定接口100MbpsLEDACTLEDACTLEDLINKLEDLINKLEDFAILOVERConnection10/100BASE-TXETHERNET1(RJ-45)USBPortConsolePort(RJ-45)10/100BASE-TXETHERNET0(RJ-45)©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-21PIX防火墙525:扩展卡和VPN加速卡VACandVAC+1GE-66Card1FECard4FE-66Card©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-22PIX防火墙535•大型企业用户使用•同时提供500,000个连接•提供1.65-Gbpscleartext吞吐量•支持的端口–最多14个百兆或者千兆以太网口–最多支持150个VLANs–最多支持50个虚拟防火墙•支持failover–Active/standby–Active/active•支持VPNs(2,000tunnels)–Sitetosite–Remoteaccess©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-23PIX535:前面板指示灯电源ACTIVE©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-24Bus1Bus0(64-bit,66-MHz)Bus2(32-bit,33-MHz)PIX防火墙535:后面板Slots3210Slots87654ConsoleRJ-45USBportDB-15Failover©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-25PIX防火墙535:可选板卡VACVAC+1GE1GE-664FE-66GigabitEthernetFastEthernetVPNAccelerator1FE4FE(EOS)©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-26PIX535:后面板DB-15FailoverSlot8Slot7Slot6Slot5Slot4Slot3Slot2Slot1Slot0ConsoleRJ-45USBPort©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-27ASA5500系列防火墙©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-28CiscoASA5510•可以在一个企业、中小型企业使用或者做VPN网关•同时提供64,000个连接•提供300-Mbps吞吐量•支持的接口–最多支持5个10/100FastEthernet端口–最多支持10个VLANs•支持failover–Active/standby•支持VPNs–Sitetosite–Remoteaccess–WebVPN•支持AIP-SSM-10(可选)©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-29CiscoASA5520•中小企业用户使用，或者做VPN网关•提供同时130,000个连接•提供450-Mbps吞吐量•提供的接口–4个10/100/1000以太网口–1个10/100以太网口–最多支持25个VLANs–最多支持10个虚拟防火墙•支持failover–Active/standby–Active/active•支持VPNs–Sitetosite–Remoteaccess–WebVPN•支持AIP-SSM-10(可选)©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-30CiscoASA5540•企业用户使用，可以做VPN网关•同时提供280,000个连接•提供400-Mbps吞吐量•支持的接口–4个10/100/1000以太网口–1个10/100以太网口–支持100个VLANs–最多50个虚拟防火墙•支持failover–Active/standby–Active/active•支持VPNs–Sitetosite(5,000peers)–Remoteaccess–WebVPN•支持AIP-SSM-20(可选）©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-31ASA5500Series:前面板POWERSTATUSACTIVEFLASHVPN©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-32SecurityServicesModule固定接口CompactFlashASA5500Series:后面板©2005CiscoSystems,Inc.Allrightsreserved.SNPAv4.0—2-33Four10/100/1000GigabitEthernetPorts*10/100Out-of-BandManagementPortAUXPortsCompactFlashTwoUSB2.0PortsPowerSupply(ACorDC)ConsolePort*ASA5510支持10/100以太网口.ASA5500Series:固定的端