Re: [fw-wiz] Cisco ASA and FWSM

Not completely accurate. Obviously there is the hardware differences
between them (such as one being a module which can save rack space) and the
other asa or pix is an appliance. The main advantage of the fwsm is the
throughput as these are directly connected to the backplane of the layer 3
switches. Their are subtle other differences but this is the main one that
I can think of off the top of my head without going to the cisco site.

hope this helps
Kevin

On 4/25/07, Avishai Wool <yash@xxxxxxx> wrote:

AFAIK the FWSM is essentially a PIX 7.x that is stuck inside a
catalyst switch chassis. and an ASA is a PIX 7.x that is
bundled with some other (non-firewall) security functions .

the configuration language was 99.9% compatible between the ASA
and the FWSM, at least as of PIX 7.0. I'm not sure if Cisco kept the
code-bases evolving in sync - there were a few months in which FWSM was
shipping but PIX 7.0 was not released yet...

In my opinion, the main differences are "form factor" and pricing. If
all you need
is a firewall then you don't care about the other things the ASA may do.
If you already have a Catalyst with an empty expansion bay - it may
be convenient to get a FWSM (e.g. less rack-space).

HTH,
Avishai

On 4/13/07, Kimberly Fields <kimberlymfields@xxxxxxxxx> wrote:
> Can anyone tell me what, if any, are the differences between the Cisco
ASA
> firewall features and the Cisco FWSM firewall features?
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
>


--
Avishai Wool, Ph.D., Cell: +972-52-333-0052
Co-founder and Chief Technical Officer
http://www.algosec.com
******* Firewall Management Made Smarter ******
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Relevant Pages

  • Re: [fw-wiz] Cisco 2811 vs. ASA 55xx
    ... Cisco ASA units are the replacements/upgrades for the PIX. ... "Is the lack of flexibility of the ASA justified by the higher performance? ... I'm not real sure what you're trying to do security-wise with a Cisco router that a Cisco firewall appliance cannot do. ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Thoughts on the new Cisco ASA 5500 firewalls
    ... I just spoke with a Cisco sales rep about this. ... > Cisco is marketing the ASA 5500 appliances as PIX, VPN Concentrator, Secure ... > least out of scope features, ...
    (Firewall-Wizards)
  • Re: Netdisco
    ... Cisco ASA ist der "Nachfolger" der Cisco Pix ... Die ASA hat mehr Performance als die Pix, ... VPN Client Lizenzen fuer IPSEC VPN sind KOSTENLOS ...
    (de.comp.security.firewall)
  • Re: [fw-wiz] Thoughts on the new Cisco ASA 5500 firewalls
    ... From what i know looking PIXen inside and outside, IDS module is packet capture ... > Cisco is marketing the ASA 5500 appliances as PIX, VPN Concentrator, Secure ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Cisco ASA and FWSM
    ... the CPU engine in the ASA 5500 series is ... faster than what you find in a PIX. ... An FWSM on the other hand is, as has been said, an ASA on a blade. ... come with VPN concentrator capabilities. ...
    (Firewall-Wizards)