Datasheet
Data Sheet
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 8 of 12
Features Benefit
Cisco PIX Command Line
Interface (CLI)
●
Allows customers to use existing Cisco IOS Software CLI knowledge for easy installation and
management without additional training
●
Supports improved ease-of-use with services such as command completion, context-sensitive
help, and command aliasing
●
Accessible through variety of methods including console port, Telnet, and SSHv2
Command-Level
Authorization
●
Gives businesses the ability to create up to 16 customizable administrative roles/profiles for
managing a Cisco PIX Security Appliance (monitoring only, read-only access to configuration,
VPN administrator, firewall/NAT administrator, etc.)
●
Uses either the internal administrator database or outside sources via TACACS+, such as
Cisco Secure ACS
SNMP and Syslog Support
●
Provide remote monitoring and logging capabilities, with integration into Cisco and third-party
management applications
●
Supports Cisco IPSec Flow Monitoring SNMP MIB, providing a wealth of VPN flow statistics
including tunnel uptime, bytes/packets transferred, and more
Table 2. Product Specifications
Feature Specifications
License Options
The Cisco PIX 515E Security Appliance is available in four primary models that provide different levels of interface density,
failover capabilities, and VPN throughput. Optional licenses support enabling features including security contexts, GTP
inspection, and various strengths of encryption technology.
Platform Licenses
●
Restricted Software License
The Cisco PIX 515E Restricted (PIX 515E-R) model provides an excellent value for
organizations looking for robust Cisco PIX Security Appliance services with minimal
interface density and VPN throughput requirements. It includes 64 MB of RAM, two 10/100
Fast Ethernet interfaces, and support for one additional 10/100 Fast Ethernet interface.
●
Unrestricted Software License
The PIX 515E Unrestricted (PIX 515E-UR) model extends the capabilities of the family with
support for stateful failover, additional LAN interfaces, and increased VPN throughput via
integrated hardware-based VPN acceleration. It includes an integrated VAC or VAC+
hardware VPN accelerator, 128 MB of RAM, two 10/100 Fast Ethernet interfaces, and
support for up to four additional 10/100 Fast Ethernet interfaces. The Cisco PIX 515E-UR
also adds the ability to share state information with a secondary Cisco PIX Security
Appliance (either in an Active/Active or Active/Standby deployment model) for resilient
network protection.
●
Failover Active/Standby Software License
The Cisco PIX 515E “Failover” (PIX 515E-FO) model is designed for use in conjunction with
a PIX 515E-UR, providing a cost-effective, Active/Standby high-availability solution. It
operates in hot-standby mode acting as a complete redundant system that maintains
current session state information. With the same hardware configuration as the Cisco PIX
515E-UR, it delivers the ultimate in high availability for a fraction of the price.
●
Failover Active/Active Software License
The Cisco PIX 515E Failover Active/Active (PIX 515E-FO-AA) model is designed for use in
conjunction with a PIX 515E-UR, providing a scalable Active/Active high-availability
solution. Advanced network topologies, such as those with asymmetric routing, are
supported through the Active/Active architecture where both Cisco PIX Security Appliances
pass network traffic and exchange bi-directional state sharing updates with one another.
This license is supported by Cisco PIX Security Appliance Software v7.0 and higher.
License upgrades are available for existing PIX 515E-FO units to convert from
Active/Standby to Active/Active failover.
Feature Licenses
●
Security Context Licenses
The Cisco PIX 515E Security Appliance can support up to 5 security contexts, with each
context having its own separate security policies and administrative domain. One tier of
security context licensing is available for Cisco PIX 515E Security Appliances—5 security
contexts. This license is supported by Cisco PIX Security Appliance Software v7.0 and
higher, and requires an Unrestricted (UR), Failover (FO), or Failover Active/Active (FO-AA)
license—security contexts are not supported on Restricted (R) models.
●
GTP Inspection License
The Cisco PIX 515E Security Appliance can provide advanced security services for
GTP/GPRS 3G Mobile Wireless environments upon installation of the GTP Inspection
License. This license is supported by Cisco PIX Security Appliance Software v7.0 and
higher, and requires either an Unrestricted (UR), Failover (FO), or Failover Active/Active
(FO-AA) license—GTP inspection is not supported on Restricted (R) models.