Stateful Firewall

dwei98
Level 1

Do CISCO products employ stateful firewall technology? Is there any reference model of that technology?

It is said that a stateful firewall is as secure as a proxy firewall. How can one compare them, I mean quantitatively?

thx

Dong

4 Replies

eenest
Level 1

PIX models 515 and up have that capability.

To deploy it you'll need to dedicate one interface on each PIX for state information exchange and connect two boxes with Ethernet crossover cable.

The interface settings should be 100full on both boxes.

As for price - that's probably the cheapest solution available on the market now.

turnbull
Level 1

Stateful Firewall means maintaining a table of information on each connection that is present in the firewall. The PIX has the edge over Proxy firewalls with its "cut through proxy" ability.

This checks the first packet in a session and then, utilising uauth and the state table, fast switches all subsequent packets. Proxies must check every packet, passing them up and down the TCP/IP stack.

http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/pix_pa.htm

http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/pie_ds.htm
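
The state-table behaviour described in the reply above, as an added example that is not part of the original thread: a simplified TCP connection tracker in which the rule set is consulted only for a session's first packet and everything afterwards is matched against the table. The class, function names and addresses are constructed for illustration; this is an assumed model, not PIX internals.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")  # flags: frozenset of TCP flag names

class StatefulFilter:
    """Toy TCP connection tracker (assumed model, not PIX internals)."""
    def __init__(self, allowed_services):
        self.allowed = set(allowed_services)  # (dst_ip, dst_port) permitted outbound
        self.table = {}                       # (src, sport, dst, dport) -> state
        self.policy_checks = 0                # how often the rule set was consulted

    def outbound(self, p):
        key = (p.src, p.sport, p.dst, p.dport)
        if key in self.table:                 # known session: state lookup only
            return self._pass(key, p)
        self.policy_checks += 1               # first packet: full policy check
        if p.flags == {"SYN"} and (p.dst, p.dport) in self.allowed:
            self.table[key] = "SYN_SENT"
            return True
        return False                          # no state and not an allowed SYN

    def inbound(self, p):
        key = (p.dst, p.dport, p.src, p.sport)  # reversed tuple = initiator's entry
        state = self.table.get(key)
        if state == "SYN_SENT" and p.flags == {"SYN", "ACK"}:
            self.table[key] = "ESTABLISHED"   # handshake reply promotes the entry
            return True
        if state is None or (state == "SYN_SENT" and "RST" not in p.flags):
            return False                      # unsolicited, or invalid answer to a SYN
        return self._pass(key, p)

    def _pass(self, key, p):
        if p.flags & {"FIN", "RST"}:
            del self.table[key]               # simplified teardown: drop state at once
        return True

def pkt(src, sport, dst, dport, *flags):
    return Packet(src, sport, dst, dport, frozenset(flags))

def demo():
    # Constructed sample traffic using documentation address ranges.
    fw = StatefulFilter({("203.0.113.10", 80)})
    inside, web = ("10.0.0.5", 40000), ("203.0.113.10", 80)
    return fw, [
        fw.outbound(pkt(*inside, *web, "SYN")),               # allowed, creates state
        fw.inbound(pkt(*web, *inside, "SYN", "ACK")),         # matches state
        fw.outbound(pkt(*inside, *web, "ACK")),               # table hit, no policy check
        fw.inbound(pkt("198.51.100.7", 80, *inside, "ACK")),  # no state: dropped
        fw.inbound(pkt(*web, *inside, "FIN", "ACK")),         # passes, state removed
        fw.inbound(pkt(*web, *inside, "ACK")),                # late packet: dropped
    ]
```

The `policy_checks` counter stays at one for the whole session, while inbound packets with no matching entry are dropped without any rule lookup.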

There may have been a misunderstanding.

Failover will require a dedicated serial cable and failover feature activation as well as the items mentioned by eenest.

Full details here

http://cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/config/failover.htm

The Cisco IOS Firewall Features Set includes stateful firewalls, and they are fairly easy to set up. I personally have a low-end Cisco 806 with the FW IOS.

Is the IOS Firewall Feature Set an optional package that one must purchase, or is it something I can download at Cisco? I just purchased an 806 and am not too familiar with what Cisco is offering.