For configuring i prefere CLI you have better control over firewall... you need better understand what every command means... Especially when configuring VPNs or ACLS - PDM adds lot of confusing and useless lines to configuration
check following links for comparsion and for Supported and Unsupported Commands
If you're new to PIX, PDM is probably the best as it simplify lots of configuration and monitoring tasks. Most important is that you do not have to know what CLI equavalent to PDM options as there're a lot of commands you need to know and understand how to use it (syntax combination). PDM also gives you graphical stats that is easy for you to understand.
But on the other hand, some (CLI-exposed) would prefer CLI as it gives you flexibility, especialy on command options. PDM is good as it gives you visibility on PIX status via the graphs.
The new Branch office firewall from Cisco is the ASA5505. The PIX 501 can only be upraded to v6.3(5) because they do not have enough memory for 7.X and the memory cannot be upgraded. If you want the 7.X functionality, then check into the ASA5505.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...