Inside Commands of Cisco's PIX Firewall
PIX firewall appliances allow data to pass out, but not in. How? What is actually going on inside a Cisco PIX firewall? According to Andy Fox, a certified Cisco Systems instructor for Global Knowledge, there are six basic commands inside each Cisco PIX firewall: nameif, interface, ip address, global, nat, and route. The next paragraph briefly covers what these commands mean and what they do.
From the nameif command, we can derive the type of hardware used, interface names, and assigned security levels. Security levels are assigned to interfaces; some interfaces are more trusted than others. The interface command identifies network interfaces and hardware speed, and the ip address command assigns an IP address to an interface to make it easily identifiable. Statistics can be obtained from an interface, which allows administrators to check connectivity within a business network. Even though the PIX firewall is not a router, it behaves as one as it routes or passes data. Then, in order for the PIX firewall to translate trusted (or less trusted) IP addresses, it will either allow or block data from coming through. For tight, intelligent network security, global and nat addresses are required. For example, the nat_id must match global statements before data can enter through a PIX firewall.
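The six commands in a small configuration, with a check of the nat_id/global pairing described above. This is an added example, not from the article or from Cisco: the sample configuration is constructed in PIX 6.x syntax with documentation addresses, and `audit` is a hypothetical helper.

```python
# Constructed sample (PIX 6.x syntax, documentation addresses; not from the article).
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security50
interface ethernet0 auto
interface ethernet1 100full
interface ethernet2 100full
ip address outside 192.0.2.1 255.255.255.0
ip address inside 10.0.0.1 255.255.255.0
ip address dmz 172.16.0.1 255.255.255.0
global (outside) 1 192.0.2.10-192.0.2.20 netmask 255.255.255.0
nat (inside) 1 10.0.0.0 255.255.255.0
nat (dmz) 2 172.16.0.0 255.255.255.0
route outside 0.0.0.0 0.0.0.0 192.0.2.254 1
"""

def audit(config):
    """Hypothetical helper: return (security_levels, findings) for a PIX config."""
    levels, addressed, nats, global_ids, routes = {}, set(), [], set(), []
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 3:
            continue
        if tok[0] == "nameif" and len(tok) == 4:
            # nameif <hardware_id> <if_name> security<level>
            levels[tok[2]] = int(tok[3].replace("security", ""))
        elif tok[:2] == ["ip", "address"]:
            addressed.add(tok[2])
        elif tok[0] == "nat":
            nats.append((tok[1].strip("()"), int(tok[2])))
        elif tok[0] == "global":
            global_ids.add(int(tok[2]))
        elif tok[0] == "route":
            routes.append(tok[1])
    findings = [f"interface {n} has no ip address" for n in levels if n not in addressed]
    findings += [f"route uses unnamed interface {r}" for r in routes if r not in levels]
    for ifname, nat_id in nats:
        if ifname not in levels:
            findings.append(f"nat uses unnamed interface {ifname}")
        # nat id 0 means "do not translate" on PIX, so it needs no global pool.
        elif nat_id != 0 and nat_id not in global_ids:
            findings.append(f"nat ({ifname}) {nat_id} has no matching global")
    return levels, findings

if __name__ == "__main__":
    levels, findings = audit(SAMPLE_CONFIG)
    print(levels)
    print(findings)
```

In the sample, the dmz hosts are bound to nat_id 2 but no global statement carries that id, so their outbound traffic has no translation pool.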
In plain English, Cisco's PIX security appliances offer advanced application policy enforcement for today's site-to-site and remote access IPSec virtual private networks (which includes Voice-Over-IP and multimedia). A PIX appliance “tracks the state of all network communications and prevents unauthorized network access. . . and delivers strong application layer security through 30 intelligent, application-aware inspection engines that examine network flows at Layers 4-7” (Cisco PIX 535 Security Appliance Datasheet).
Because Cisco's PIX security appliances have multi-vector attack protection services, they can effectively defend businesses from many popular forms of attack, such as denial-of-service (DoS) attacks, fragmented attacks, replay attacks, and malformed packet attacks. To conclude, the benefits of PIX firewalls are improved productivity, lower operational costs, and increased competitive advantage. If you are interested in looking into new, used, or refurbished PIX firewalls, PIX firewall interfaces, and cards, please contact Genesis Global at 1-800-908-9665 or e-mail a Sales Accounts Manager at sales@genesisglobalinc.com. Don't forget to ask about the ReNew™ Program: Trade-In and Trade-Up. Genesis Global is renowned for finding the right networking solutions! Your equipment is backed with warranty plans.
________
About Genesis Global's Author:
Debbie Jensen, an expert writer for business and technology for Genesis Global, has a Bachelor's Degree in Visual Communication (Multimedia). With her twenty-year history of creative expression and formalized study of Information Technology in digital print/web design and development, she is now publishing articles about networking for Genesis Global.