spremkumar Tue, 08/07/2007 - 20:23

hi ajay


Router is specifically meant to do routing functionalities with the support of all the routing protocols and with other added features like QOS/VPN/Firewall/IDS...


Though they can do firewall functionalities also its not supposed to be used as full fledged security appliance.


As far as pix firewall is concerned its meant to be used as a security appliance with added less routing and other features.


Fundamentally by default in pix you need to manually open or allow ports which needs to be accessed with the configuration.

Untill unless you manually configure/open the ports you wont be able to access anything hosted on the port which is blocked by default.

But in case of router you need to manually close the unecessary ports which is not in use using cli commands.


There are various features which a router can perform but a firewall wont be able to do.


regds


guruprasadr Tue, 08/07/2007 - 21:33

HI Ajay,


In an addition to "spremkumar" comments.


For PIX, you have a feature of Inside and Outside Interfaces facility also in addition to the above you can host the Public accessible Mail Servers, WebServers in DMZ Zone where you can avoid the outside traffic coming inside your LAN Network.


Router will fall under Routing Domain and PIX will fall under Security Domain.


All kind of Routing at Edge level, Distribution level, Core level can be done with the help of Router using various protocols whereas with the help of PIX it has very less feature of same.



You have lot more a Router can do but whereas a Firewall cannot do and Vicerversa.



Do Rate all Helpful Posts.



Best Regards,


Guru Prasad R

Actions

This Discussion