Well, I don't have the technical specs in front of me right now. But in general, when you take a given PIX and compare it to a router that costs an equivalent amount of money (including license for FW feature set), the PIX does firewall processing faster. It also has more security features - for example, it has integration with AAA that allows you to specify a security policy with greater granularity than a router can right now. For example, when combined with AAA, you can implement a policy that allows certain users (based on username/password, not just IP address) to access certain FTP servers, HTTP, and telnet servers on the Internet, but not others. This is not easily done with a router (it can be done, but not as well as a PIX can do it).
But in general, it is true that over time, more and more features will be incorporated by Cisco into IOS, such that it may not prove necessary to buy those ancillary appliances that Cisco sells and just get a pumped up IOS router that does everything. It may not do things as well as that dedicated appliance, but it may be good enough for many customers. For example, right now you can get an IOS with that contain some (not all) IDS features, which might make an IDS sensor unnecessary if you don't need a complete IDS solution. You can get IOS with SLB, which might make a LocalDirector or even a CSS 11000 unnecessary. Routers with hardware-accelerated encryption cards might make VPN concentrators like the vpn3000 or vpn5000 unnecessary. > Hi all. > > What are some of the reasons why a person would choose a PIX solution > rather than a good router with the the right IOS for security? > > From what I've read on Cisco's site, there does not seem to be the huge > gap between using a router as a firewall solution vs. using a PIX, as some > people make it sound. > > One last thing...for the life of me, I can't find what "PIX" stands for! > Any help appreciated! Thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26619&t=26607 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]