The Cisco IOS® Firewall Feature set, which adds sophisticated firewall capabilities to the existing security services of Cisco IOS software, is now available for the Cisco 7200 series. Customers can now take advantage of high-performance firewall services integrated with the performance, flexibility, and cost-effectiveness of the Cisco 7200 platform. These services are of particular benefit for users deploying virtual private network (VPN) applications.
The Cisco IOS Firewall Feature set is available for the Cisco 7200 series beginning with Cisco IOS Release 12.0(3)T and subsequent releases of 12.0T. The Firewall Feature set is included with specific IP, desktop, and enterprise software images.
The Cisco IOS Firewall enhances existing Cisco IOS security capabilities such as authentication and encryption with firewall capability. This includes stateful, application-based filtering, Java blocking, defense against network attacks such as SYN flooding, port scans, and packet injection, and support for VPNs based on the Internet Protocol Security (IPSec) standard.
Benefits of the Cisco IOS Firewall feature set include:
- VPN Supportusing Cisco IOS Firewall with other Cisco IOS encryption and quality of service (QoS) features enables secure, low-cost transmission over public networks, reduces implementation and management costs for remote branch offices and extranets, and ensures mission-critical application traffic receives high-priority delivery. Cisco IOS supports multiple tunneling protocols, including Generic Routing Encapsulation (GRE), Layer 2 Forwarding (L2F), Layer 2 Tunneling Protocol (L2TP), and Internet Protocol Security (IPSec) with both 56-bit (DES) and 168-bit (3DES) encryption.
- Flexibilitythis all-in-one solution can perform routing, provide protected Internet connectivity, and apply distinct security characteristics according to a user-defined policy to each interface on a per-user or per-application basis.
- Investment protectionintegrating firewall functionality into a multiprotocol router leverages an existing router investment. Routers are usually deployed to separate sensitive network segments and manage private/public network interfaces. The addition of Cisco IOS Firewall saves costs and management training associated with learning a new platform.
- Ease of managementwith remote management capabilities, a network administrator can implement security features from a central console over the network.
|Context-Based Access Control (CBAC)||
|Denial of Service Detection/Prevention||
|Basic and Advanced Traffic Filtering||
|Policy-Based Multiple Interface Support||
|Peer Router Authentication||
Cisco IOS Firewall is available for the Cisco 7200 series with Cisco IOS Release 12.0(3)T and subsequent 12.0T releases. IP-only, Desktop/IBM, and Enterprise images with two levels of encryption (IPSec 56 and IPSec 3DES) can be ordered with the Cisco IOS Firewall option.
Cisco IOS Firewall is also available for Cisco 1600, 1720, 2500, 2600, and 3600 series routers.
Additional information about the Cisco IOS Firewall Feature Set can be found at: http://www.cisco.com/warp/public/778/security/firewall/.
Please contact Mark Jansen, product manager, Enterprise WAN Software Products, at email@example.com or Jocelyne Okrent, product manager, Cisco IOS Firewall Feature Set, at firstname.lastname@example.org for additional details.