Soumettre la recherche
Mettre en ligne
Cat6500 Praesentation
•
1 j'aime
•
1,328 vues
S
Sophan_Pheng
Suivre
6500 series Sec Services Modules - Data Centers, Enterprise, Risk management
Lire moins
Lire la suite
Signaler
Partager
Signaler
Partager
1 sur 32
Télécharger maintenant
Télécharger pour lire hors ligne
Recommandé
Bapinger Network Security
Bapinger Network Security
Djadja Sardjana
VSD Infotech
VSD Infotech
VSD infotech
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
Internap
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
Amazon Web Services
IT Security for Oil and Gas Companies
IT Security for Oil and Gas Companies
Richard Cole
Regulatory Compliance Financial Institution
Regulatory Compliance Financial Institution
Apani Enterprise Security Software
Introduction - Trend Micro Deep Security
Introduction - Trend Micro Deep Security
Andrew Wong
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
AirTight Networks
Recommandé
Bapinger Network Security
Bapinger Network Security
Djadja Sardjana
VSD Infotech
VSD Infotech
VSD infotech
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
Internap
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
Amazon Web Services
IT Security for Oil and Gas Companies
IT Security for Oil and Gas Companies
Richard Cole
Regulatory Compliance Financial Institution
Regulatory Compliance Financial Institution
Apani Enterprise Security Software
Introduction - Trend Micro Deep Security
Introduction - Trend Micro Deep Security
Andrew Wong
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
AirTight Networks
Trend Micro Dec 6 Toronto VMUG
Trend Micro Dec 6 Toronto VMUG
tovmug
Security Intelligence
Security Intelligence
IBMGovernmentCA
Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)
itforum-roundtable
Axoss Wireless Penetration Testing Services
Axoss Wireless Penetration Testing Services
Bulent Buyukkahraman
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Arrow ECS UK
Ultima - Mobile Data Security
Ultima - Mobile Data Security
trickey270
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
Arrow ECS UK
Sophos Complete Security
Sophos Complete Security
CTI Group
FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010
Andris Soroka
Trend micro real time threat management press presentation
Trend micro real time threat management press presentation
Andrew Wong
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic Workforce
Courtland Smith
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identity Defined Security Alliance
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Tripwire
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santos
santosomar
TrendMicro
TrendMicro
1CloudRoad.com
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Minh Le
Nebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi Verze
TUESDAY Business Network
Personal identity information protection
Personal identity information protection
Apani Enterprise Security Software
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud Environment
KaashivInfoTech Company
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?
Global Business Events
Cisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networking
Cisco Public Relations
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
Cisco Public Relations
Contenu connexe
Tendances
Trend Micro Dec 6 Toronto VMUG
Trend Micro Dec 6 Toronto VMUG
tovmug
Security Intelligence
Security Intelligence
IBMGovernmentCA
Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)
itforum-roundtable
Axoss Wireless Penetration Testing Services
Axoss Wireless Penetration Testing Services
Bulent Buyukkahraman
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Arrow ECS UK
Ultima - Mobile Data Security
Ultima - Mobile Data Security
trickey270
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
Arrow ECS UK
Sophos Complete Security
Sophos Complete Security
CTI Group
FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010
Andris Soroka
Trend micro real time threat management press presentation
Trend micro real time threat management press presentation
Andrew Wong
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic Workforce
Courtland Smith
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identity Defined Security Alliance
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Tripwire
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santos
santosomar
TrendMicro
TrendMicro
1CloudRoad.com
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Minh Le
Nebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi Verze
TUESDAY Business Network
Personal identity information protection
Personal identity information protection
Apani Enterprise Security Software
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud Environment
KaashivInfoTech Company
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?
Global Business Events
Tendances
(20)
Trend Micro Dec 6 Toronto VMUG
Trend Micro Dec 6 Toronto VMUG
Security Intelligence
Security Intelligence
Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)
Axoss Wireless Penetration Testing Services
Axoss Wireless Penetration Testing Services
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Ultima - Mobile Data Security
Ultima - Mobile Data Security
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
Sophos Complete Security
Sophos Complete Security
FaceTime - DSS @Vilnius 2010
FaceTime - DSS @Vilnius 2010
Trend micro real time threat management press presentation
Trend micro real time threat management press presentation
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic Workforce
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santos
TrendMicro
TrendMicro
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Nebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi Verze
Personal identity information protection
Personal identity information protection
Security as a Service Model for Cloud Environment
Security as a Service Model for Cloud Environment
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?
Similaire à Cat6500 Praesentation
Cisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networking
Cisco Public Relations
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
Cisco Public Relations
Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4
Arrow ECS UK
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
IntelAPAC
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
IBM Danmark
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
Amazon Web Services
Guard Era Corp Brochure 2008
Guard Era Corp Brochure 2008
GuardEra Access Solutions, Inc.
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig information
IBM Danmark
S series presentation
S series presentation
Sergey Marunich
ccmigration_09186a008033a3b4
ccmigration_09186a008033a3b4
guest66dc5f
F5 Networks: architecture and risk management
F5 Networks: architecture and risk management
AEC Networks
Kappa data corporate preso v2 luxembourg 2013
Kappa data corporate preso v2 luxembourg 2013
Kappa Data
Bridging the wired wireless
Bridging the wired wireless
Interop
Cisco switching technical
Cisco switching technical
ImranD1
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
Khazret Sapenov
Check Point75 Makes3 D Security A Reality Q22011
Check Point75 Makes3 D Security A Reality Q22011
chaucheckpoint
CNISP - Platform Introduction 071511pks
CNISP - Platform Introduction 071511pks
lucpaquin
Splunk Overview
Splunk Overview
Splunk
Cloud security and security architecture
Cloud security and security architecture
Vladimir Jirasek
Asa sslvpn security
Asa sslvpn security
Jack Melson
Similaire à Cat6500 Praesentation
(20)
Cisco tec rob soderbery - core enterprise networking
Cisco tec rob soderbery - core enterprise networking
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
Guard Era Corp Brochure 2008
Guard Era Corp Brochure 2008
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig information
S series presentation
S series presentation
ccmigration_09186a008033a3b4
ccmigration_09186a008033a3b4
F5 Networks: architecture and risk management
F5 Networks: architecture and risk management
Kappa data corporate preso v2 luxembourg 2013
Kappa data corporate preso v2 luxembourg 2013
Bridging the wired wireless
Bridging the wired wireless
Cisco switching technical
Cisco switching technical
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
What customers want the cloud to be - Jason Waxman GM at Intel, Cloud Slam 20...
Check Point75 Makes3 D Security A Reality Q22011
Check Point75 Makes3 D Security A Reality Q22011
CNISP - Platform Introduction 071511pks
CNISP - Platform Introduction 071511pks
Splunk Overview
Splunk Overview
Cloud security and security architecture
Cloud security and security architecture
Asa sslvpn security
Asa sslvpn security
Cat6500 Praesentation
1.
Cisco Catalyst 6500 Security
Services Modules May 2007 Donovan Williams , Product Manager FWSM EBC Presentatl © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
2.
Agenda
Market Drivers Cisco 6500/7600 FireWall Services Module (FWSM) Pricing and Bundles Management Certifications EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
3.
Why is Data
Center Security important Enterprise data centers contain the assets, applications, and data that are often targeted by electronic attacks Endpoints such as data center servers are key objectives of malicious attacks and must be protected. Attacks against server farms can result in lost business for e-commerce and business-to- business applications, and the theft of confidential or proprietary information. More people have authorization to access specific services either remotely or on site (for example, consultants, temporary workers, partners, etc.) which makes data center server farms more accessible / vulnerable Hackers can use several currently available tools to inspect networks and to launch intrusion and denial of service (DoS) attacks to data center servers System Si Under Si Attack Si Core Si Aggregation Data Center Access EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
4.
Who to protect
applications from? External threats from the Internet Internal threats from the Intranet From Partner’s networks originating attacks What to protect applications from? Intrusion Denial of service Worms Remote Site Systems Under Attack Data Center Wireless LAN Enterprise Network Corporate LAN Business Partners Public Internet DMZ EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
5.
Cisco Catalyst 6500
Delivering Security in the Enterprise TRUST AND THREAT SECURE IDENTITY DEFENSE CONNECTIVITY Cisco Security Application Remote Agent Security Site Data Center Encrypted LAN / WAN Network Admission Communications IPSec Control VPN Wireless LAN Enterprise Network Identity-Based Firewalls, Intrusion Networking prevention, and Corporate LAN Anomaly Detection Business DDoS Security Partners Event Public Catalyst Integrated Mitigation Monitoring Internet Security Toolkit DMZ Analysis Mitigation Comprehensive security protection from campus LAN access, distribution, core to data center and Internet edge EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
6.
Facilities Constraints &
Growth You Will Effectively Lose 20% of Your IT Budget Availability of quality data center space and power facilities is decreasing - 50% of Enterprise Class DC’s will be technologically obsolete within 24 months - 12/05, Michael Bell, Gartner Storage growth is 40-70 % CAGR Server growth was 12% in 2005 and is expected to increase Energy bill will grow from 10% of IT budget to over 30% Over the next three years 50% of large organizations will face an annual energy bill higher than their annual server budget Source: Gartner, 2006 EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
7.
What Can Be
Done To Reduce Power of Consumed by Network Services? Action Benefit/Implication Fewer Networks = Less Cost Consolidate Networks Reduce Storage Power Draw Specialized appliances are not Avoid Gateways and power efficient due to redundant Consolidate Functions internal cooling, switching and power conversion elements 1 Network or Network Element per customer is power and space inefficient Virtualized Network Elements Consider technologies such as MPLS to enable future virtualization View Power Requirements Prioritize efforts based upon Holistically reducing overall power consumption EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
8.
Reduce Power and
Space Consumption Through Integrated Services Design Design Efficiency Catalyst 6500 power supply efficiency has improved 70-80% since 1999 Cisco ACE with FWSM reduces power by 85%~ 11kW Rack space saved with virtualized, integrated modules ~30R Additional savings from reduced cabling, port consumption and support costs BONUS: Reduce complexity, increase manageability, reduce latency, and eliminate single points of failure EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8 8
9.
Agenda
Market Drivers Cisco 6500/7600 FireWall Services Module (FWSM) Pricing and Bundles Management Certifications EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
10.
Cisco Catalyst 6500
and 7600 Series Firewall Services Module (FWSM) Product Overview EBC Presentatl © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
11.
Firewall Services Module Industry’s
Highest Performance Firewall Transparent (L2) and Routed (L3) firewalls in the same service module Resource Manager: Assign Service Classes, Resource Limits 256 VLANs per context with maximum of 1000 VLANs LAN failover active/standby (both intra/inter Performance chassis) and active/active Dynamic Routing: OSPF and RIP (2 OSPF PIX base Feature Set virtual routers) in non-virtual FW mode High Performance Firewall: Support multiple blades in the chassis, up to 5.5Gbps bandwidth (best case – 4 for 20Gbps large packets!) 80K access-lists enforced in hardware – 2.8 Million pps throughput maximum best-case figure Supported on Native IOS 12.1(13E) and 1 million concurrent connections CatOS 7.5(1) onwards 100K new connections/sec 250 Virtual firewalls/contexts FWSM v3.1 EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
12.
Scaling Switch
Integrated FW Services to 20 Gbps EBC Presentatl © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
13.
FWSM Clustering
Scaling to16 Gbps using 2 ACE Modules Using the Application Control Engine (ACE) service module to deliver a high-performance server load balancing solution Delivers upto 16 Gbps of performance Visibility into SSL encrypted traffic EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
14.
FWSM Clustering
VLAN & PBR Techniques to scale to 20 Gbps EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
15.
FWSMCatalyst Switch Security
- Key Value Proposition Silver Bullets Cisco Advantages Multiple 10-20 Gbps FWSM Offers multiple 10 Gigs Solutions throughput by load- Solutions balancing with ACE, clustering using VLANs & PBRs Low Power Service Modules have significantly lowered their power Consumption consumption. Industry’s Highest Ability to aggregate multiple data feeds into a single high Port Density performance firewall blade Catalyst Firewall Switching Module supports both inter High Availability chassis and intra chassis high availability. Switch Integration Redundant Power, DC Power, NEBS Compliant Chassis L2/L3/Mixed Mode Ability to work in both transparent and routed modes Deployment increasing deployment flexibility. Multiple media Addressing wide area of uplink requirements including types copper, fiber and 10 GE. EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
16.
Agenda
Market Drivers Cisco 6500/7600 FireWall Services Module (FWSM) Pricing and Bundles Management Certifications EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
17.
6500 / 7600
Firewall Services Module Overview and Pricing Performance 5.5Gbps bandwidth 2.8 Million pps throughput 1 million concurrent connections 100K new connections/sec Advanced Features Firewall Services Module Product ID: WS-SVC-FWM-1= 250 Virtual firewalls/contexts US List Price: $34,995 Transparent (L2) and Routed (L3) firewalls in the same service module Resource Manager: Assign Service Classes, Resource Limits Available : Now 256 VLANs per context with maximum of 1000 VLANs LAN failover active/standby (both intra/inter chassis) and active/active Dynamic Routing: OSPF and RIP (2 OSPF virtual routers) in non-virtual FW mode Support multiple blades in the chassis, up to 4 for 20Gbps 80K access-lists enforced in hardware – maximum best-case figure All rights reserved. EBC Overview © 2006 Cisco Systems, Inc. Cisco Public 17
18.
Catalyst 6500 /
Cisco 7600 Firewall Systems Sup720-3B Bundles WS-C6503-E-FWM-K9 $59,995 WS-C6506-E-FWM-K9 $64,995 WS-C6509-E-FWM-K9 $69,995 WS-C6513-FWM-K9 $74,995 Available : Now Value - Increased Advanced Technology revenue and Partner VIP rebate Proposition - Ease of ordering / configuration - Upgraded technology - Enhanced chassis and Sup 720-3B - Additional discount - ensure competitiveness Chassis - Catalyst 6500 E-series and Fan Trays and - Supervisor 720 with PFC3B Supervisor - Firewall Module and IOS 12.2(18)SXF or 12.2(18)SF2 - Power Supply not included EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
19.
NEW Catalyst 6500
/ Cisco 7600 Firewall Systems Sup720-3BXL Bundles WS-6506-EXL-FWM-K9 $80,990 WS-6509-EXL-FWM-K9 $84,990 WS-C6513-XL-FWM-K9 $90,990 Available : Now Value - Increased Advanced Technology revenue and Partner VIP rebate Proposition - Ease of ordering / configuration - Upgraded technology - Enhanced chassis and Sup 720-3BXL - Additional discount - ensure competitiveness Chassis - Catalyst 6500 E-series and Fan Trays and - Supervisor 720 with PFC3BXL Supervisor - Firewall Module and IOS 12.2(18)SXF or 12.2(18)SF2 - Power Supply not included EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
20.
NEW Catalyst 6500
/ Cisco 7600 Firewall Systems with TWO Firewall Serives Modules Sup720-3BXL Bundles WS-C6509-EXL-2FWM-K9 $113,000 WS-C6513XL-2FWM-K9 $118,000 Available : Now Value - Increased Advanced Technology revenue and Partner VIP rebate Proposition - Ease of ordering / configuration - Upgraded technology - Enhanced chassis and Sup 720-3BXL - Additional discount - ensure competitiveness Chassis - Catalyst 6500 E-series and Fan Trays and - Supervisor 720 with PFC3BXL Supervisor - 2 Firewall Modules and IOS 12.2(18)SXF or 12.2(18)SF2 - Power Supply not included EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
21.
Agenda
Market Drivers Cisco 6500/7600 FireWall Services Module (FWSM) Pricing and Bundles Management Certifications EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
22.
Management Overview EBC Presentatl
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
23.
Single Module Management ASDM.F
ASDM.F (5.2 current) Either Java applet (https://...) or Java Webstart program that runs on your PC Understands all FWSM features Manages virtual firewalls Real-time logging Monitoring Can run in admin context mode or per-context basis self- adapts accordingly Free EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
24.
Multi-device manager:
Cisco Security Manager Superior Usability VPN Administration VPN Wizard setup Site-to-Site, hub-spoke Administer policies and full mesh VPN’s visually on tables or with a few mouse clicks topology map Configure remote-access Policy Administration VPN, DMVPN, and Easy Jumpstart help: an extensive animated learning tool VPN devices Firewall Administration Centrally provision Flexible management views policies for firewalls , VPN’s and IPS Client/Server architecture IPS Administration Configure policies for ASA, Very scalable PIX, FW SM and IOS Single rule table for all Automatic updates to the Policy Inheritance platforms IPS Sensors feature enables consistent policies Intelligent analysis of policies Support for Outbreak across enterprise Prevention Services Sophisticated rule table Powerful device grouping editing options Compresses the number of access rules required EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
25.
CS-M
Device support Products Supported Pix: 6.3.x, 7.0.x, 7.1.x, ASA: 7.0.x, 7.1.x, FWSM 2.2, 2.3 and 3.1 IOS Routers: 12.3.x and 12.4.x, with and without IOSFW feature IOS Routers need to be able to talk SSH / SSL (standard in 12.4) Catalyst 65xx series for router ACL’s VPN Service Module, VPN SPA Module All IPS devices with versions 4.x and 5.x Technologies Supported FWSM: Near full feature coverage CS-M 3.1 coming out in March 07 supports FWSM 3.2 Pix 7.0/7.1 and ASA 7.0/7.1: Near full feature coverage except SSL VPN IPS devices: Near full feature coverage IOS: Only security related features and features that have a direct relation with VPN such as: routing, Qos, dial backup etc EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25
26.
Agenda
Market Drivers Cisco 6500/7600 FireWall Services Module (FWSM) Pricing and Bundles Management Certifications EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
27.
FWSM Testing /
Certifications Common Criteria – 3.1(3.17) is EAL4 Certified!! FWSM is SafeHarbor Certified - 3.1(4.X) is going through testing right now; next SH will test 3.2(2) Internal validation of Performance Metric - Measuring current metrics and deltas with previous releases Internal testing for FWSM Clustering up to 20 Gbps FWSM testing in Voice environments in progress by VTG Testing in progress for FWSM in bursty Multicast environments to mimic traffic streams for Global Financial trading sector K8 (image without strong crypto) available Q4FY07 with 3.1.5 Testing FWSM with Telepresence deployments EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
28.
Agenda
Market Drivers Customer Case Study Cisco 6500/7600 FireWall Services Module (FWSM) Pricing and Bundles Firewall Services Module Key Features EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
29.
FWSM 4.0 Roadmap
Update SUP32+PISA + FWSM Interoperability Programmable Intelligent Services Accelerator EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29
30.
FWSM 4.0 Roadmap
Update SUP32+PISA + FWSM Interoperability EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 30
31.
References
Firewall Services Module Web Site http://www.cisco.com/go/fwsm Firewall Services Module (FWSM) Configuration Guide: http://www.cisco.com/en/US/partner/products/hw/switches/ps708/p roducts_module_configuration_guide_book09186a0080579a1e.ht ml Cisco Conversion Tool http://www.cisco.com/web/partners/sell/technology/security/resources.html#technical Information on PISA http://www.cisco.com/en/US/products/ps7209/index.html EBC Overview © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 31
32.
EBC Overview
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 32
Télécharger maintenant