PIX 525 2-Ports 45 Network Security Firewall

The Cisco® PIX® 525 Security Appliance delivers a wealth of advanced security and networking services for medium-to-large enterprise networks, in a reliable, purpose-built appliance. Its modular two-rack unit (2RU) design incorporates two 10/100 Fast Ethernet interfaces and supports a combination of up to eight additional 10/100 Fast Ethernet interfaces or three additional Gigabit Ethernet interfaces, making it an ideal choice for businesses requiring a high performance, Gigabit Ethernet-ready solution that provides solid investment protection.

Part of the market-leading Cisco PIX Security Appliance Series, the Cisco PIX 525 Security Appliance provides robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services through a wide range of rich security and networking services, including:
- Advanced Application-Aware Firewall Services.
- Market-Leading Voice-Over-IP and Multimedia Security.
- Robust Site-to-Site and Remote Access IPSec VPN Connectivity.
- Award-Winning Resiliency.
- Intelligent Networking Services.
- Flexible Management Solutions.

Robust Stateful Inspection and Application Layer Security
Cisco PIX Security Appliances integrate a broad range of advanced firewall services to protect businesses from the constant barrage of threats on the Internet and in many business network environments. As a secure foundation, Cisco PIX Security Appliances provide rich stateful inspection firewall services, tracking the state of all network communications and preventing unauthorized network access. Building upon those services, Cisco PIX Security Appliances deliver strong application layer security through 30 intelligent, application-aware inspection engines that examine network flows at Layers 4-7. To defend networks from application layer attacks and to give businesses more control over applications and protocols used in their environment, these inspection engines incorporate extensive application and protocol knowledge and employ security enforcement technologies that include protocol anomaly detection, application and protocol state tracking, Network Address Translation (NAT) services, and attack detection
and mitigation techniques such as application/protocol command filtering, content verification, and URL deobfuscation. These inspection engines also give businesses control over instant messaging, peer-to-peer file sharing, and tunneling applications, enabling businesses to enforce usage policies and protect network bandwidth for legitimate business applications.

Multi-Vector Attack Protection
Cisco PIX Security Appliances incorporate multi-vector attack protection services to further defend businesses from many popular forms of attacks, including denial-of-service (DoS) attacks, fragmented attacks, replay attacks, and malformed packet attacks. Using a wealth of advanced attack protection features, including TCP stream reassembly, traffic normalization, DNSGuard, FloodGuard, FragGuard, MailGuard, IPVerify, and TCP intercept, Cisco PIX Security Appliances identify and stop a wide range of attacks, and can provide real-time alerts to administrators.

Flexible Access Control and Powerful Flow-Based Policies
Administrators can also easily create custom security policies using the flexible access control technologies provided by Cisco PIX Security Appliances, including network and service object groups, user and group-based policies, and more than 100 predefined applications and protocols. Using the powerful Modular Policy Framework introduced in Cisco PIX Security Appliance Software v7.0, administrators can define granular flow-based and class map-based policies, which apply a set of customizable security services, such as inspection engine policies, Quality of Service (QoS) policies, connection timers, and more, to each administrator-specified traffic flow/class. By combining these flexible access control and per-flow/class security services, the powerful stateful inspection and application-aware firewall services, and the multi-vector attack protection services that Cisco PIX Security Appliances deliver, businesses can enforce comprehensive security policies to protect themselves from attack.

Unrestricted Software License
The Cisco PIX 525 Unrestricted model extends the capabilities of the security appliance with support for stateful failover, additional LAN interfaces, and increased VPN throughput via integrated hardware-based VPN acceleration. It includes an integrated VAC or VAC+ hardware VPN accelerator, 256 MB of RAM, two 10/100 Fast Ethernet interfaces, and support for up to eight additional 10/100 Fast Ethernet or three Gigabit Ethernet interfaces. It also adds the ability to share state information with a secondary Cisco PIX Security Appliance (either in an Active/Active or Active/Standby deployment model) for resilient network protection.

Flexible management solutions lower operational costs
The Cisco PIX 525 Security Appliance delivers a wealth of configuration, monitoring, and troubleshooting methods, giving businesses flexibility to use the methods that best meet their needs. Management solutions range from centralized, policy-based management tools to integrated, Web-based management, to support for remote-monitoring protocols such as Simple Network Management Protocol (SNMP) and syslog. Cisco PIX Security Appliances additionally provide up to 16 levels of customizable administrative roles, so that businesses can grant administrators and operations personnel the appropriate level of access to each appliance, for example: monitoring only access, read-only access to the configuration, network configuration only, firewall configuration only, and so on.

Attack Mitigation and Event Monitoring Solutions
Network-based attacks can be easily and accurately identified, managed, and eliminated within commercial or enterprise environments using the Cisco Security Monitoring, Analysis, and Response System (CS-MARS) product family. CS-MARS appliances analyze and correlate security events, syslog, and NetFlow data from numerous desktop, server, and network security solutions to determine actual attack paths and provide mitigation options, simplifying security incident management for environments where dedicated security analysts may not be available.
Additionally, Cisco offers the CiscoWorks Security Information Management Solution (CWSIMS), which is well suited for large enterprises and managed security services providers with dedicated security analysts who require in-depth data collection, forensic analysis, audit and compliance, and reporting for complex, multi-vendor networks.

World-Class Device Management Solutions
The integrated Cisco Adaptive Security Device Manager (ASDM) provides a world-class Web-based management interface that greatly simplifies the deployment, on-going configuration, and monitoring of a single Cisco PIX Security Appliance-without requiring any software (other than a standard Web browser and Java Plug-In) to be installed on an administrator's computer. Intelligent setup and VPN wizards provide easy integration into any network environment, while informative monitoring features, including a dashboard and real-time syslog viewer, provide vital device/network health status and event monitoring at a glance.