Your incorrect about both features. For future reference, if you do a search on "stateful packet filter" on the cisco web site, one of the first entries is an article that talks about the stateful filtering capabilities of the Cisco router IOS.
Cisco router IOS has supported stateful filter capabilities for at least 3 years on the 1600 and 2500 platforms and about 2 years on just about every other major router platform 2600-7200. http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 t/120t5/iosfw2/iosfw2_2.htm Router IOS has also supported authentication proxy, which is very similar to the PIXes cut-through proxy feature, for over 1 year: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 t/120t5/iosfw2/iosfw2_1.htm As to the original question, I answered this 5 months ago, it's in the archives: http://www.groupstudy.com/archives/cisco/200106/msg02089.html -Kent -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Justin Lofton Sent: Wednesday, November 28, 2001 12:49 PM To: [EMAIL PROTECTED] Subject: RE: The Scoop on PIX? [7:26607] Stateful firewalling and cut through proxy which cannot be done on the router. Justin Lofton Account Executive/CCNA Tredent Data Systems [EMAIL PROTECTED] V: (818) 222-3770 F: (818) 222-3778 http://www.tredent.com/ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Mcfadden, Chuck Sent: Wednesday, November 28, 2001 12:03 PM To: [EMAIL PROTECTED] Subject: RE: The Scoop on PIX? [7:26607] 1. (Probably the only real reason) Off load processor overhead by having packet filtering happen somewhere other than the device that is trying to also perform routing tasks. 2. DMZ? (Can be handled via router, though [processor issue - see above]) 3. Redundancy without the need for dual WAN connectivity Those are about the only reasons I can think of. Any one else think of any? I have no idea what PIX stands for...GREAT Question!!! ccie1ab -----Original Message----- From: BASSOLE Rock [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 28, 2001 11:01 AM To: [EMAIL PROTECTED] Subject: RE: The Scoop on PIX? [7:26607] -----Message d'origine----- De : Andrew Michael [mailto:[EMAIL PROTECTED]] Envoyi : dimanche 18 novembre 2001 00:09 @ : [EMAIL PROTECTED] Objet : The Scoop on PIX? [7:26607] Hi all. What are some of the reasons why a person would choose a PIX solution rather than a good router with the the right IOS for security? From what I've read on Cisco's site, there does not seem to be the huge gap between using a router as a firewall solution vs. using a PIX, as some people make it sound. One last thing...for the life of me, I can't find what "PIX" stands for! Any help appreciated! Thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27595&t=26607 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
