Datasheet
Data Sheet
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 6 of 12
Features Summary
Service Virtualization
(Multiple Security Context Mode)
●
Transparent
●
Routed Mode
●
NAT/PAT
●
ACL
●
Protocol Inspection
●
SNMP
●
Syslog
●
DHCP
●
Resource management controls resource usage per security context
Inspection Engines
●
Application policy enforcement
●
Protocol conformance checking
●
Protocol state tracking
●
Security checks
●
NAT/PAT support
●
Dynamic port allocation
●
Core internet protocols: HTTP, FTP, Trivial File Transfer Protocol (TFTP),
Simple Mail Transfer Protocol (SMTP), Extended SMTP (ESMTP), DNS,
Extended DNS (EDNS), ICMP, TCP, UDP
●
Database/OS services: Internet Locator Services/Lightweight Directory Access
Protocol (ISL/LDAP), Oracle/SQL*Net v1 and v2, NetBIOS over IP, NFS,
Remote Shell Protocol (RSH), sUNrpc/nis+, XWindows (SDMCP), Registration
Admission and Status (RAS) v2
●
Multimedia/VoIP: H.323 v1–4, H.323 Gatekeeper Cluster GUP message
support, Session Initiation Protocol (SIP), SCCP (Skinny), Skinny Video,
GPRS Tunneling Protocol (GTP) v0 and v1 (3G Mobile Wireless), Media
Gateway Control Protocol (MGCP) v0.1 and v1.0, Real-Time Streaming
Protocol (RTSP), Telephony Application Programming Interface (TAPI) and
Java TAPI (JTAPI) T.38 Fax over IP, Gatekeeper Routed Control Signaling
(GKRCS), fragmented and segmented multimedia stream inspection
●
Specific applications: Microsoft Windows Messenger, Microsoft NetMeeting,
Real Player, Cisco IP phones, Cisco SoftPhone
●
Security services: Point-to-Point Tuneling Protocol (PPTP)
High Availability
●
Intrachassis and interchassis
●
Active-Standby stateful failover
●
Active-Active stateful failover support in multiple context mode
●
Asymmetric routing support with Active-Active redundancy
Application Inspection Control
●
Advanced HTTP inspection services: RFC compliance checking for protocol
anomaly detection, HTTP command filtering, MIME type filtering content
validation, Uniform Resource Identifier (URI) length enforcement, and more
●
Tunneling application control: AOL Instant Messenger, Microsoft Messenger,
Yahoo Messenger, peer-to-peer applications (such as KaZaA and Gnutella),
and other applications (such as GoToMyPC)
System Management
●
Console to command-line interface (CLI): Session from switch, Cisco IOS
Software-like CLI parser
●
Telnet to the inside interface of FWSM
●
Telnet over IPSec to the outside interface of FWSM
●
SSH v1 and v2 to CLI
●
Web GUI-based single device manager (HTTP, HTTPS): Cisco ASDM v5.2F
for FWSM 3.2; Cisco ASDM v5.0F for FWSM Software 3.1; Cisco PIX Device
Manager 4.1 for FWSM Software 2.3;
●
Web GUI-based multiple device manager: Cisco Security Manager v3.0 or
above for FWSM Software 2.3 or later; CiscoWorks VMS Management Center
v1.3 for FWSM Software 2.3 or earlier
●
Web GUI-based CiscoView Device Manager v1.0 for Cisco Catalyst 6500
to configure FWSM Software 2.3 or earlier and launch Cisco PIX Device
Manager
●
Web GUI-based multiple device manager: CiscoWorks VMS Management
Center v1.3 for FWSM Software 2.3 or earlier; Cisco Security Manager for
FWSM Software 2.3
●
SNMP v2c MIBs and traps
●
Authenticaiton, authorization, and accounting (AAA): TACACS+ and RADIUS
support
●
Role-based administrative access
●
Online upgrade
●
Dedicated out-of-band management interface