Hi,
1- Does FWSM contain a processor OR relay on the SUP processor ?
FWSM do have internal processor but the info is not specifically available, with 1-GB RAM and 128-MB Flash memory. Logically, FWSM is similar to standalone PIX/ASA that you integrate to Catalyst 6500/Cisco 7600 seris.
2- What is the different between transparent mode and routed mode ? which mode is more secure ?
In routed mode, the FWSM is considered to be a router hop in the network. It performs NAT between connected networks. You need to do address translation between inside and outside to allow access.
In transparent mode, the FWSM acts like a "bump in the wire," or a "stealth firewall," and is not considered a router hop. The FWSM connects to the same network on its inside and outside interfaces. but each interface must be on a different VLAN. No dynamic routing protocols or NAT are required. This will facilitate you to put firewall in your existing network without need to change IP Addressing. All Layer3 routing will be done at switch level on layer 3 vlans.
Basically both mode are equally secure. It's a matter of how you implement it and depends on your network environment/topology.
http://www.cisco.com/en/US/partner/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080577c3b.html#wp1047294
3- Does it support EIGRP routing?
FWSM support / can participate in dynamic routing in single security context mode - Open Shortest Path First (OSPF), Routing Initiation Protocol (RIP) v1 and v2, PIM Sparse Mode v2 multicast routing, Internet Group Management Protocol (IGMP) v2.
But it can allow EIGRP update traffic to pass through via ACL.
Rgds,
AK
