>Major differences:
>- default state: per default a router let the traffic go through while
> the PIX is closed. Hence the PIX is slightly more secure
>- multicast: the PIX cannot handle multicast
>- authorization: IOS-fw can handle authentication and authorization
> only via HTTP while PIX can do HTTP, FTP, Telnet
>- failover support (with stateful) only for PIX, IOS-fw can use
> HSRP for stateless fail-over
>- no URL filtering on IOS-fw
>- PIX has received a TTAP certification
>
>Minor differences:
>- NAT support is always being extended on both platform but they are
> not sync'ed
>- PAT is also slightly different (IOS fw can re-use the IP address
> of the router)
>- PIX can use TCP for logging and can be blocked when the log server
> is down (for security)
>
>
>Else, they are very similar: same architecture (inspection at multiple
layers),
>SNMP/syslog support, IPSec support, Radius, Tacacs+, TFTP upgrades, ...
>
>Hope this helps
Thanks eric, it surely did help. But I have one more question if you don�t
mind.
Any idea on the performance differences between them? (pix and IOS fw)
TIA,
F�bio.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
