Cisco Systems, Inc.
All contents are Copyright © 1992–2003 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.
Page 4 of 10
• Customizable administrative roles and access privileges
• Comprehensive enterprise change management and auditing
• “Touchless” software image management for remote Cisco PIX Security Appliances
• Support for dynamically addressed appliances
Additional integrated event management and inventory solutions are also available as part of the CiscoWorks VMS
network management suite.
The integrated Cisco PIX Device Manager provides an intuitive, Web-based management interface for remotely
configuring,monitoring,andtroubleshootingasingle Cisco PIX Security Appliance—without requiringanysoftware
(other than a standard Web browser) to be installed on an administrator’s computer. Alternatively, through methods
including Telnet and Secure Shell (SSH), or out of band through a console port, administrators can remotely
configure, monitor, and troubleshoot Cisco PIX Security Appliances using a command-line interface (CLI).
New Features Found in Cisco PIX Security Appliance Software Version 6.3
CiscoPIX Security ApplianceSoftware Version 6.3provides a wealthof new features,includingthose detailed below.
A complete list of features is available in the Cisco PIX Security Appliance Software Version 6.3 Release Notes.
Table 1 New Features and Benefits
Key Features Benefit
Enterprise-Class Security
Virtual LAN
(VLAN)-based
virtual interfaces
• Provides increased flexibility when defining security policies and eases overall
integration into switched network environments by supporting the creation of logical
interfaces based on IEEE 802.1q VLAN tags, and the creation of security policies based
on these virtual interfaces
• Supports multiple virtual interfaces on a single physical interface through
VLAN trunking
• Supports multiple VLAN trunks per Cisco PIX Security Appliance
• Supports up to 8 VLANs on Cisco PIX 515 and 515E Security Appliances, 10 VLANs on
Cisco PIX 520 and 525 Security Appliances, and 24 VLANs on Cisco PIX 535
Security Appliances
Open Shortest Path
First (OSPF)
dynamic routing
• Provides comprehensive OSPF dynamic routing services on Cisco PIX Security
Appliances using technology based on world-renowned Cisco IOS Software
• Offers improved network reliability through fast route convergence and secure, efficient
route distribution
• Delivers a secure routing solution in environments using Network Address Translation
(NAT) through tight integration with Cisco PIX Security Appliance NAT services
• Supports MD5-based OSPF authentication, in addition to plaintext OSPF authentication,
to prevent route spoofing and various routing-based DoS attacks
• Provides route redistribution between OSPF processes, including OSPF, static, and
connected routes
• Supports load balancing across equal-cost multipath routes
Secure Hypertext
Transfer Protocol
(HTTPS) authentication
proxy
• Offers a secure, Web-based method for user authentication to the firewall prior to
allowing any of the user’s network traffic to traverse the firewall
